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Abstract. We study the finitary version of the coalgebraic logic introduced by L. Moss. 
The syntax of this logic, which is introduced uniformly with respect to a coalgebraic type 
functor, required to preserve weak puUbacks, extends that of classical propositional logic 
with a so-called coalgebraic cover modality depending on the type functor. Its semantics 
is defined in terms of a categorically defined relation lifting operation. 

As the main contributions of our paper we introduce a derivation system, and prove 
that it provides a sound and complete axiomatization for the collection of coalgebraically 
valid inequalities. Our soundness and completeness proof is algebraic, and we employ 
Pattinson's stratification method, showing that our derivation system can be stratified in 
countably many layers, corresponding to the modal depth of the formulas involved. 

In the proof of our main result we identify some new concepts and obtain some auxiliary 
results of independent interest. We survey properties of the notion of relation lifting, 
induced by an arbitrary but fixed set functor. We introduce a category of Boolean algebra 
presentations, and establish an adjunction between it and the category of Boolean algebras. 

Given the fact that our derivation system involves only formulas of depth one, it can 
be encoded as a endo-functor on Boolean algebras. We show that this functor is finitary 
and preserves embeddings, and we prove that the Lindenbaum-Tarski algebra of our logic 
can be identified with the initial algebra for this functor. 
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1. Introduction 

Coalgebra, introduced to computer science by Aczel in the late 1980s ^4 |2j, is rapidly 
gaining ground as a general mathematical framework for many kinds of state-based evolv- 
ing systems. Examples of coalgebras include data streams, (infinite) labelled trees, Kripke 
structures, finite automata, (probabilistic/weighted) transition systems, neighborhood mod- 
els, and many other familiar structures. As emphasized by Rutten [l6], who developed, in 
analogy with Universal Algebra, the theory of Universal Coalgebra as a general theory of 
such transition systems, the coalgebraic viewpoint combines wide applicability with mathe- 
matical simplicity. In particular, one of the main advantages of the coalgebraic approach is 
that a substantial part of the theory of systems can be developed uniformly in a functor T 
which represents the type of the coalgebras we are dealing with. Here we restrict attention 
to systems, where T is an endofunctor on the category Set of sets with functions, so that a 
T-coalgebra is a pair of the form 

X= {X,C : X ^ TX) 

with the set X being the carrier or state space of the coalgebra, and the map ^ its un- 
folding or transition map. Many important notions, properties, and results of systems can 
be explained just in terms of properties of their type functors. As a key example, any 
set functor T canonically induces a notion of observational or behavioural equivalence be- 
tween T-coalgebras; this notion generalizes the natural notions of bisimilarity that were 
independently developed for each specific type of system. 

In order to describe and reason about the kind of behaviour modelled by coalgebras, 
there is a clear need for the design of coalgebraic specification languages and derivation 
systems, respectively. The resulting research programme of Coalgebraic Logic naturally 
supplements that of Coalgebra by searching for logical formalisms that, next to meeting 
the usual desiderata such as striking a good balance between expressive power and com- 
putational feasibility, can be defined and studied uniformly in the functor T. Given the 
fact that Kripke models and frames are prime examples of coalgebras, it should come as no 
surprise that in search for suitable coalgebraic logics, researchers looked for inspiration to 
modal logic [16]. 

This research direction was inititiated by Moss [H]; roughly speaking, his idea was to 
take the functor T itself as supplying a modality Vt, in the sense that for every element 
a £ TC (where £ is the collection of formulas), the object Vtck is a formula in C. While 
Moss' work was recognized to be of seminal conceptual importance in advocating modal 
logic as a specification language for coalgebra, his particular formalism did not find much 
acclaim, for at least two reasons. First of all, the semantics of his modality is defined in terms 
of relation lifting, and for this to work smoothly, Moss needed to impose a restriction on 
the functor (the coalgebra type functor T is required to preserve weak pullbacks). Thus the 
scope of his work excluded some interesting and important coalgebras such as neighborhood 
models and frames. And second, for practical purposes, the syntax of Moss' language was 
considered to be rather unwieldy, with the nonstandard operator Vt looking strikingly 
different from the usual □ and O modalities. 

Following on from Moss' work, attention turned to the question how to obtain modal 
languages for T-coalgebras which use more standard modalities |36| l45l [28] , and how to find 
derivation systems for these formalisms. This approach is now usually described in terms of 
predicate liftings [43l|49] or, equivalently. Stone duality [171 137]. Other approaches towards 
coalgebraic logic, such as the one using co-equations [3] until now have received somewhat 
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less attention. For a while, this development directed interest away from Moss' logic, and 
the relationship between various approaches towards coalgebraic logic was not completely 
clear. 

In the mean time, however, it had become obvious that even in standard modal logic, 
a nabla-based approach has some advantages. In this setting the coalgebra type T is in- 
stantiated by the power set functor P, so that (the finitary version of) the nabla operator 
Vp, takes a (finite) set a of formulas and returns a single formula Vpa. The semantics of 
this so-called cover modality can be explicitly formulated as follows, for an arbitrary Kripke 
structure X with accessibility relation R: 

X, X Ih Vpa if for all a S a there is a t S R[x\ with X, t Ih a, and ,^ 
for all t G R[x\ there is an a G a with X, t Ih a. 

In short: Vpa holds at a state x iff the formulas in a and the set R[x\ of successors of 
X 'cover' one another. Readers familiar with classical first-order logic will recognize the 
quantification pattern underlying (jl.ip from the theory of Ehrenfeucht-Frai'sse games, Scott 
sentences, and the like, see for instance [26]. In modal logic, related ideas made an early 
appearance in Fine's work on normal forms [21]. 

Using the standard modal language, Vp can be seen as a defined operator: 

Vpa = n\|a^ f\Oa, (1.2) 

where Oa denotes the set {Oa | a G a}. But is in fact an easy exercise to prove that with 
Vp defined by (jl.ip . we have the following semantic equivalences: 

Oa = Vp{a,T} , . 

□a = Vp0VVp{a} ^ ■ ' 

In other words, the standard modalities □ and O can be defined in terms of the nabla 
operator (together with V and T). When combined, (|1.2p and (jl.Sh show that the language 
based on the nabla operator offers an alternative formulation of standard modal logic. 

In fact, independently of Moss' work, Janin & Walukiewicz [30] had already made the 
much stronger observation that the set of connectives {□,C',A,V} may in some sense be 
replaced by the connectives Vp and V, that is, without the conjunction operation. This fact, 
which is closely linked to fundamental automata-theoretic constructions, lies at the heart 
of the theory of the modal /i-calculus, and has many applications, see for instance [201 147] . 
These observations naturally led Venema [55j to introduce, parametric in the coalgebraic 
type functor T, a finitary version of Moss' logic, extended with fixpoint operators, and to 
generalize the link between fixpoint logics and automata theory to the coalgebraic level of 
generality. Subsequently, Kupke & Venema [35] showed that many fundamental results in 
automata theory and fixpoint logics are really theorems of universal coalgebra. The key 
role of the nabla modality in these results revived interest in Moss' logic. 

Our paper addresses the main problem left open in the literature on V-based coalgebraic 
logic, namely that of providing a sound and complete derivation system for the logic. Moss' 
approach is entirely semantic, and does not provide any kind of syntactic calculus. As a first 
result in the direction of a derivation system for nabla modalities, Palmigiano &l Venema |42j 
gave a complete axiomatization for the cover modality Vp. This calculus was streamlined 
into a formulation that admits a straightforward generalization to an arbitrary set functor 
T, by Bflkova, Palmigiano & Venema [13], who also provided suitable Gentzen systems for 
the logic based on Vp. In this paper we will prove the soundness and completeness of this 
axiomatization in the general case. 
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In the remaining part of the introduction we briefly survey the paper, its main contri- 
butions, and its proof method. Throughout the paper we let T denote the coalgebraic type 
functor; usually we make the proviso that T preserves weak pullbacks and inclusions (all of 
this will be discussed further on in detail). Our key instrument in making Moss' language 
more standard is to base its syntax on the finitary version T,^ of the functor T which is 
defined on objects as follows: for a set X, T^^X := \]{TY \ Y X}. As we will discuss 
in detail, for each object a G Ti^X there is a minimal finite set Basex{ot) X such that 
a € TBase{a), and the maps Basex provide a natural transformation 

Base : ^ Pui- 

The formulas of our coalgebraic language C can now be defined by the following grammar: 

a ::= -la [ /\ip \ \/ip \ V^a- 

where 99 € Pu,C and a € T^^C. That is, the propositional basis of our coalgebraic language 
C takes the finitary conjunction (/\) and disjunction (\/) connectives as primitives, and to 
this we add the coalgebraic modality Vt, which returns a formula Vtck for every object 
a G Ti^C. The point of restricting Moss' modality to the set T^C is that the formula V-rce 
has a finite, clearly defined set of immediate subformulas, namely the set Base{a); thus 
every formula has a finite set of subformulas. 

The key observation of Moss [41j was that the semantics (jl.ip of V can be expressed in 
terms of the so-called Egli-Milner lifting of the satisfaction relation Ih C X xC. Generalizing 
this observation from the Kripke functor P to the arbitrary type T, he uniformly defined 
the semantics of Vt in a T-coalgebra X = {X,S^) as follows: 

X,x Ih Vra ifrC(x) Tlh a. 

Here T\\- denotes a categorically defined lifting of the satisfaction relation Ih C X x C 
between states and formulas to a relation Tlh C TX x TC Given the importance of the 
relation lifting operation T in Moss' logic, we include in this paper a fairly detailed survey 
of its properties and related concepts. 

The coalgebraic validities, that is, the formulas that are true at every state of every 
T-coalgebra thus constitute a semantically defined coalgebraic logic, and it is this logic that 
we will axiomatize in this paper. Our approach will be algebraic in nature, and so it will be 
convenient to work with equations, or rather, inequalities (expressions of the form a =4 b, 
where a an 6 are terms/formulas of the language). 

We obtain our derivation system for Moss' logic by extending a sound and complete 
derivation system for propositional logic with three rules for the V-operator. The first 
rule, denoted by (VI), can be seen as a combined montonicity and congruence rule. Rule 
(V2) is a distributive law that expresses that any conjunction of V-formulas is equivalent 
to a (possibly infinite) disjunction of V-formulas built from conjunctions. Finally, rule 
(V3) expresses that V distributes over disjunctions. In the case that the functor T under 
consideration maps finite sets to finite sets, the rules (V2) and (V3) take the form of axioms. 

The proof of our soundness and completeness theorem is based on the stratification 
method of Pattinson [43]. We will show that not only the language of our system, but also 
its semantics and our derivation system can be stratified in cj many layers corresponding 
to the modal depth of the formulas involved. (This means for instance that if two formulas 
of depth n are provably equivalent, this can be demonstrated by a derivation involving only 
formulas of depth at most n.) What glues these layers nicely together can be formulated in 
terms of properties of a one-step version of the derivation system M. 
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In our algebraic approach, this one-step version of M is incarnated as a functor on the 
category of Boolean algebras: 

M : BA ^ BA. 

To mention a few interesting properties of this functor, of which the definition is uniformly 
parametrized by the functor T: M is finitary, and preserves atomicity of Boolean algebras, 
and injectivity of homomorphisms. We will be interested in algebras for the functor M, and 
in particular, we will see that the initial M-algebra can be seen as the Lindenbaum-Tarski 
algebra of our derivation system M. 

For the definition of M, we need to go into quite a bit of detail concerning the theory of 
presentations of (Boolean) algebras. In particular, we define a category Pres of presentations 
by introducing a suitable notion of presentation morphism, and establish an adjunction 
between the categories Pres and BA: 

B 

BA ^TZ Pres (1.4) 

c 

This adjunction (which is almost an equivalence) is the instrument that allows us to turn 
the modal rule and axioms of M into the functor M; the key property that makes this work 
is that all modal rules and axioms of M are formulated in terms of depth- one formulas. 

What is left to do, in order to prove the soundness and completeness of our logic, is 
connect the algebra functor M : BA — t- BA (that is, the 'logic') to the coalgebra functor 
T : Set —> Set (the 'semantics'). Here we will apply a well-known method in coalgebraic 
logic [iTl [37] which is often described in terms of Stone duality because its aim is to link 
functors on two different base categories that are connected themselves by a Stone-type 
duality or adjunction. 

In our case, to make the connection between M and T we invoke the already existing 
link on the level of the base logic, provided by the (contravariant) power set functor IP 
from Set to BA (we do not need its adjoint functor sending a Boolean algebra to its set of 
ultrafilters) : 

p 

m(^BA'' ~Set^r (1.5) 

The key remaining step in the completeness proof involves the definition of a natural trans- 
formation 

<5 : MP ^ FT. 

As usual in the Stone duality approach towards coalgebraic logic, the existence of S cor- 
responds to the soundness of the logic. To get an idea of why this is the case, observe 
that the existence of 5 enables us to see a T-coalgebra X = (X, ^) as an M-algebra, namely 
its complex algebra X* := (PX, o 6x)- Finally, as we will see in the final part of our 
stratification-based proof, the completeness of M is based on the observation that 

5 is injective, (1.6) 

that is, for each set X, the BA-homomorphism 6x ■ MPX — ?> PTX is an embedding. The 
proof of (|1.6p . which technically forms the heart of our proof, is based on the fact that the 
nabla-axioms allow us to write depth-one formulas into a certain normal form, and on the 
earlier mentioned properties of the functor M. 

This paper replaces, extends and partly corrects (c.q. clarifies, see Remark 17. 8p an 
earlier version [34]. The main differences with respect to |34j are the following. First 
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of all, we provide a detailed, self-contained overview of the notion of relation lifting and 
its properties (which was only covered as Fact 3 in the mentioned paper). Second, our 
categorical treatment of presentations and the algebras they present (which is novel to the 
best of our knowledge) clarifies and substantially extends the treatment in [3l]. Third, our 
axiomatization simplifies the earlier one; in particular, we show here in detail that we do not 
need axioms or rules specifically dealing with negation (more specifically, we prove that an 
earlier rule (V4) is derivable in the system here. Fourth, we provide a more precise definition 
and a more detailed discussion of the functor M; for instance, the result that M preserves 
atomicity is new. Fifth and final, we show here in much more detail and precision how the 
soundness and completeness of our axiomatization follows from the one-step soundness and 
completeness. 

Overview. In the next section we fix our notation, introduce the necessary basic (co-)alge- 
braic terminology and discuss properties of functors on the category of sets that will play 
an important role in our paper. After that, in Section [3l we recall the notion of a relation 
lifting T induced by a set functor T and give an overview of its properties. Section S] and 
Section [5] introduce the terminology that we need concerning Boolean algebras and their 
presentations, and concerning Moss' coalgebraic logic, respectively. 

After that we move to the main results of our paper. First, in Section[6]we introduce the 
derivation system for Moss' coalgebraic logic and we define the algebra functor M : BA — >■ 
BA. In Section [7] we prove that our derivation system is one-step sound and complete. 
Within the above described categorical framework this is equivalent to establishing the 
existence of a natural transformation 6 : MP ¥T (one-step soundness) and proving that 
this transformation 6 is injective (one-step completeness). Finally, in Section [8] we prove 
our main result, namely soundness and completeness of our derivation system with respect 
to the coalgebraic semantics. We conclude with an overview of related work and open 
questions. 

Finally, since this paper features a multitude of categories, functors and natural trans- 
formations, for the reader's convenience we list these in an appendix. 

Acknowledgement. We thank the anonymous referee for many useful comments. 

2. Preliminaries 

The purpose of this section is to fix our notation and terminology, and to introduce some 
concepts that underlie our work in all other parts of the paper. 

2.1. Basic mathematics and category theory. First we fix some basic mathematical 
issues. Given a set X, we let PX and PujX denote the power set and the finite power set 
of X, respectively. We write Y X to indicate that y is a finite subset of X. 

Given a relation R C. X x X' , we denote the domain and range of R by dom(i?) and 
rng(i?), respectively, and we denote hy tt^ : R ^ X its first projection and hy tt^" '■ R ^ X' 
its second projection map. Given subsets Y X , Y' CI X' , the restriction of to y and 
Y' is given as 

R\yxY' ■.= Rri{Y X Y'). 
The converse of a relation R C X x X' is denoted as R" X' x X . 
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The composition of two relations R Q X x X' and R' Q X' x X" is denoted by R,R', 
while the composition of two functions f : X X' and /' : X' — ?> X" is denoted by /' o /. 
That is, we denote function composition by o and write it from right to left and we denote 
relation composition of relations by ; and write it from left to right. 

It is often convenient to identify a function f : X ^ X' with its graph, that is, the 
relation Gr{f) = {(x, f{x)) \ x € X} C X x X' . For example given a relation i? C X x X' 
and a function / : X' — > X" we write R; f to denote the composition of relations R ; Gr{f). 

We will assume familiarity with basic notions from category theory, including those 
of categories, functors, natural transformations, (co-)monads and (co-)limits; see for in- 
stance [lO]. We denote by Set the category of sets and functions, and by Rel the category 
of sets and binary relations. BA is the category with Boolean algebras as objects and 
homomorphisms as arrows. 

Endofunctors on Set will simply be called set functors. We denote by P the power 
set functor which maps a set X to its power set PX and a function / : X ^ X' to 
its direct image Pf : PX PX', given by P{X) 3 Y {fiu) I V S Y}. Similarly, 
PujX denotes the finite power set functor. P is in fact (part of) a monad {P,fi,r]), with 
Tjx '■ X ^ P{X) denoting the singleton map rjx x ^ {x}, and ■ PPX — > PX denoting 
union, := U^- The contravariant power set functor will be denoted as P; this 

functor maps a set X to its power set PX = PX, and a function / : X ^ X' to its inverse 
image Pf : PX' PX given by PX' 3Y' ^ {x £ X \ fx £ Y'}. 

2.2. (Co-)algebras. We provide some details concerning the notions of an algebra and a 
coalgebra for a functor. We start with coalgebras since these provide the semantic structures 
of the logics considered in this paper. 

Definition 2.1. Given a functor T on a category C, a T-coalgebra (X, ^) is an arrow 
^ : X — )• TX in C; a T-coalgebra morphism / : (X, ^) (X',^') is an arrow / : X ^ X' 
such that Tf o ^ = ^' o /, in a diagram: 

X — ^—^X' 

Tf , 

TX — TX' 

The functor T is called the type of the coalgebra (X, ^), The category of T-coalgebras is 
denoted by Coalg(T) and we denote coalgebras by capital letters X,Y, ... in blackboard 
bold. 

In the case of a set coalgebra (that is, a coalgebra for a set functor), elements of the 
(carrier of the) coalgebra will be called states of the coalgebra, and a pointed coalgebra is a 
pair consisting (X, x) consisting of a coalgebra X = (X, ^) and a state x of X. <l 

Here are some simple, standard examples of coalgebras for set functors. 

Example 2.2. 

(1) We let Id denote the identity functor on Set. Given a set C, we let C itself also denote 
the constant functor, mapping every set X to C, and every function / to the identity 
map idc on C. Coalgebras for this functor are called C-colorings; in case C is of 
the form P(Prop) for some set Prop of proposition letters, we may think of a coloring 
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^ : X — >■ C as a Prop-valuation (in the sense that $, says of every proposition letter p 
and every state x whether p is true of x or not) . 

(2) A Kripke frame {S, R) can be represented as a coalgebra {S, an) for the power set 
functor P, with aji : S ^ PS mapping a point s to its coUection of successors. It is 
left as an exercise for the reader to verify that the coalgebra morphisms for this functor 
precisely coincide with the bounded morphisms of modal logic. 

(3) Coalgebras for the functor Pop (that is, the contravariant power set functor composed 
with itself) can be identified with the neighborhood frames known from the theory of 
modal logic as structures that generalize Kripke frames. As a special case of this, but 
also generalizing Kripke frames, the monotone neighborhood functor N maps a set X 
to the collection N(X) := {a G PPX \ a is upward closed }, and a function / to the 
map PPf. 

(4) For a slightly more involved example, consider the finitary multiset or bag functor S^^. 
This functor takes a set X to the collection B^X of maps /i : X ^ N of finite support 
(that is, for which the set Supp{iJi) := {x ^ X \ ii{x) > 0} is finite), while its action 
on arrows is defined as follows. Given an arrow f : X ^ X' and a map /x G Bi^X, we 
define {B^f){n) : X' N by putting 

(5^/)(/x)(x') :=5]{Mx)|/(x) = x'}. 

(5) As a variant of B^^, consider the finitary probability functor D^^, where Di^X = {5 : 
X — )• [0, 1] I Supp{5) is finite and ^^^x '^(^) — while the action of D,^ on arrows is 
just like that of B^^. 

Example 2.3. Many examples of coalgebraically interesting set functors are obtained by 
composition of simpler functors. Inductively define the following class EKPF of extended 
Kripke polynomial functors: 

T := Id\C\P\B^\D^\TooTi\TQ + Ti\TQxTi\T^, 

where o, + and x denote functor composition, coproduct (or disjoint union) and product, 
respectively, and (— )^ denotes exponentiation with respect to some set D. Examples of 

such functors include: 

(1) Given an alphabet-color set C, the C -streams are simple specimens of coalgebras for 
the functor C x Id\ similarly, C-labelled binary trees are coalgebras for the functor 
Bc = C X Idx Id. 

(2) Labelled transition systems over a set A of atomic actions can be seen as coalgebras for 
the functor P{-)^. 

(3) Deterministic automata are coalgebras for the functor (— )^ x 2 where S is the finite 
alphabet. 

(4) Kripke models over a set Prop of proposition letters can be identified with coalgebras 
for the functor P(Prop) x P(-) = Po Cp^p xPoId. 

(5) Generalizing the previous example, viewing T-coalgebra as frames, wc can define T- 
models over a set Prop of proposition letters as coalgebras for the functor Tp^op = 
P(Prop) X r(-). 

As running examples through this paper we will often take the binary tree functor over a 
set C of colors, and the power set functor. 

The key notion of equivalence in coalgebra is of two states in two coalgebras being 
behaviorally equivalent. In case the functor T admits a final coalgebra Z = (Z, Q the 
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elements of Z often provide an intuitive encoding of the notion of behaviour, and the 
unique coalgebra homomorphism !x can be seen as a map that assigns to a state x in X 
its behaviour. In this case we call two states, x in X and x' in X', behaviorally equivalent 
if l^ix) =\x'{x'). In the general case, when we may not assume the existence of a final 
coalgebra, we define the notion as follows. 

Definition 2.4. Two elements (often called states) x, x' in two coalgebras X and X', respec- 
tively, are behaviorally equivalent iff there are coalgebra morphisms /, /' with a common 
codomain such that f{x) = f'{x'). <\ 

Turning to the dual notion of algebra, we shall use algebras mainly to describe logics 
for coalgebras, and the notion of an algebra 'for a functor' will provide us with an elegant 
way to exploit the duality with coalgebras. 

Definition 2.5. Given a functor L on a category A, an L-algebra [A, a) is an arrow a : 
LA — > ^ in A and an L-algebra morphism / : (^, a) {A\ a') is an arrow f : A A' such 
that f o a = a' o Lf. The category of L-algebras is denoted by Alg(L). <l 

Example 2.6. 

(1) If A = Set, then every signature (or similarity type) induces a functor LX = Un<Lj ^Pn ^ 

where Opn is the set of operation symbols of arity n. Then Alg(L) is (isomorphic 
to) the category of algebras for the signature. 

(2) If A = BA, then we can define a functor L : BA BA to map an algebra A to the 
algebra LA generated by Da, a € A, and quotiented by the relation stipulating that 
□ preserves finite meets. Then Alg(L) is isomorphic to the category of modal algebras 
[33]. 

As the second example above shows, functors on BA give rise to modal logics extending 
Boolean algebras with operators. 



2.3. Properties of set functors. As mentioned in the introduction, in this paper we will 
restrict our attention to set functors satisfying certain properties. The first one of these is 
crucial. 

Weak pullback preservation. Recall that a set P together with functions pi : P Xi and 
P2 '■ P X2 is a pullback of two functions /i : Xi — )• X and /2 : X2 X if fiopi = /2 o p2 
and for all sets P' and all functions p'l : P' ^ Xi, : P' — )■ X2 such that /i o p'^ = f^ojj^ 
there exists a unique function e : P' ^ P such that pi o e = p[ ioi i = 1,2. 




Xi ^X 

h 

If the function e is not necessarily unique we call {P,Pi,P2) a weak pullback. Furthermore 
we call a relation R C Xi x X2 a (weak) pullback of /i and /2 if R together with the 
projection maps vr^ and vr^ is a (weak) pullback of fi and /2. 

In the category of sets, (weak) pullbacks have a straightforward characterization 
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Fact 2.7. [22]. Given two functions fi : Xi ^ X3 and f2 : X2 X3, let 

pb{fi,f2) ■= {(3:1,3:2) I /i(a:i) = f2{x2)}. 
Furthermore, given a set P with functions pi : P ^ Xi and p2 P ^ X2, let 

e:y^ {pi{y),P2{v))- 
define a function e : P — )• /2). Then 

(1) {P,Pi,P2) is a pullback of /i and /2 iff /i opi = /2 op2 and e is an isomorphism. 

(2) {P,Pi,P2) is a weak pullback of fi and /2 iff fiopi = H °P2 and e is surjective. 

A functor T preserves weak pullhacks if it transforms every weak pullback {P,pi,p2) 
for /i and /2 into a weak pullback {TP,Tpi,Tp2) for T/i and r/2. An equivalent char- 
acterization is to require T to weakly preserve pullbacks, that is, to turn pullbacks into 
weak pullbacks. Further on in Corollary 13. 7( we will see yet another, and probably more 
motivating, characterization of this property. 

Example 2.8. All the functors of Example 12.21 preserve weak pullbacks, except for the 
neighborhood functor and its monotone variant. It can be shown that the property of 
preserving weak pullbacks is preserved under the operations 0,+, x and (— )^, so that all 
extended polynomial Kripke functors (Example 12. 3p preserve weak pullbacks. 

Standard functors. The second property that we will impose on our set functors is that of 
standardness. Given two sets X and X' such that X Q X' , let ix,x' denote the inclusion 
map from X into X' . A weak pullback-preserving set functor T is standard if it preserves 
inclusions, that is, if Tlx^x' = i-tx.tx' for every inclusion map ix,x'- 

Remark 2.9. Unfortunately the definition of standardness is not uniform throughout the 
literature. Our definition of standardness is taken from Moss |41) . while for instance Adamek 
& Trnkova [7] have an additional condition involving so-called distinguished points. Fortu- 
nately, the two definitions are equivalent in case the functor preserves weak pullbacks, see 
Kupke [32^ Lemma A. 2. 12]. Since we almost exclusively consider standard functors that 
also preserve weak pullbacks, we have opted for the simpler definition. 

For readers who are interested in some more details, fix sets 0,1 and 2 of of the corre- 
sponding sizes (0,1 and 2), respectively, and let e, o denote the two maps e, o : 1 — ?> 2. Then 
the second condition of standardness in the sense of [7] can be phrased as the requirement 
that TO = {x G Tl | Ti{x) = To{x)}, in words: all distinguished points are standard. 

In any case the restriction to standard functors is for convenience only, since every set 
functor is 'almost standard' [7J Theorem III. 4. 5]. That is, given an arbitrary set functor T, 
we may find a standard set functor T' such that the restriction of T and T' to all non-empty 
sets and non-empty functions are naturally isomorphic. The important observation about 
T' is that Alg(r) ^ Alg(T') and Coalg(T) ^ Coalg(r'). Consequently, in our work we can 
assume without loss of generality that our functors are standard and we will do so whenever 
convenient. 

Example 2.10. The finitary bag functor B^^ of Example 12.21 is not standard, but we may 
'standardize' it by representing any map ^ : X — )• N of finite support by its 'positive graph' 
{(x,/ix) I nx > 0}. Similarly, the finite distribution functor D^^ can be standardized by 
identifying a probability distribution : X — )• [0, 1] € D^^X with the (finite) set {{x,fj,x) \ 
fix > 0}. 
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Finitary functors. Let T be a set functor that preserves inclusions. Then T is finitary or 
uj-accessihle if, for all sets X, 

TX = yj{TY I Y C X, finite}. 

Generalizing the construction of from P, we can define, for any set functor T that 
preserves inclusions, its finitary version : Set Set by putting 

T^{x) := |J{ry|yc^x}, 
TM) ■■= Tf. 

It is easy to verify that T^^ preserves inclusions, is finitary and a subfunctor of T as we have 
a natural transformation tx ■ T^X ^ TX. Given the definition of the action of on 
arrows, we shall often write Tf instead of T,^/. 

In order to avoid confusion, we already mention the following fact, but we postpone its 
proof until subsection 13.31 

Proposition 2.11. Let T be a standard set functor that preserves weak puUbacks. Then 
T^ is also a standard functor that preserves weak puUbacks. 

The reason that we are interested in finitary functors is that we want our language to be 
finitary, in the sense that a formula has only finitely many sub formulas. The key property 
of finitary functors that will make this possible, is that every a € TX is supported by a 
finite subset of X, and in fact, there will always be a minimal such set. 

Definition 2.12. Given a finitary functor T and an element a € TX, we define 

BaseJcia) := f^{Y X \ a e TY}. 

< 

We write Base^ rather than Base'^" , and in fact omit the superscript whenever possible. 

Example 2.13. The following examples are easy to check: Base^ '■ X PujX is the 
singleton map, Base^ ■ PuiX — )■ Pu)X is the identity map on P^X, Base^ : C x X x X ^ 
PujX maps the triple (c, xi, X2) to the set {xi, X2}, and Base^" maps a finitary distribution 
to its support. 

Proposition 2.14. Let T : Set —> Set be a standard functor that preserves weak puUbacks. 

(1) For any a € T^^X , Base'^{a) is the smallest set Y such that a G TY . 

(2) Base^ provides a natural transformation Base :T^ ^ P^^. 

Proof. Part (1) is proved in |55j . 

For the second part, consider a map / : X — t- X' . We have to show P^^f o Bascx = 
Bascx' ° T^jjf . Fix a G T^^jX and write B = Basex{oi) and B' = Bascx' (Ti^f {a)) . We need 
to prove B' = f[B]. 

For the inclusion "C", from 

T^B ^TMm 

^ P 

T^X T^X' 

we see that f[B] supports T^f{a) and, as B' is the smallest such, B' C f[B] follows. 
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For the opposite inclusion "D", since T^j preserves weak pullbacks, the dotted arrow in 

^ ^ T„/(a) 




T,.,X 



T,.,X' 



exists and shows that a £ T^^if ^{B')). By minimality of the base, it follows B f ^{B'), 
that is, B' D f[B]. □ 



Remark 2.15. A stronger version of the previous proposition follows from results in 
Let us briefly sketch the details using the terminology of [23j . First of all note that it is not 
difficult to see that all finitary set functors preserve intersections. Therefore \23\ Theorem 
7.4] implies that Base is sub-cartesian (not necessarily natural) and this implies together 
with |23l Theorem 8.1] that T preserves preimages iff Base is natural. Any weak pullback 
preserving functor preserves preimages and thus this statement implies Proposition 12.141 



3. Relation Lifting 

Given the key role that the lifting of binary relations plays in the semantics of Moss' logic, 
we need to discuss the notion in some detail. After giving the formal definition, we mention 
some of the basic properties of relation lifting: first the ones that hold for any functor, then 
the ones for which we require the functor to preserve weak pullbacks, and finally, we see 
important technical properties of relation lifting that rest on the fact that the set functor 
under consideration is standard. We discuss the connection of the relation lifting with 
categorical distributive laws: as we will see later on, this connection plays an important 
role in the axiomatization of V. Finally we introduce the notion of a slim redistribution, 
which is needed to formulate one of our axioms. 



3.1. Basics. First we give the formal definition of relation lifting. 

Definition 3.1. Let T be a set functor. Given a binary relation R between two sets Xi 
and X2, we define the relation TR C TXi x TX2 as follows: 

TR := {((T^f (rvr^^)^) | p € TR}. 

The relation TR will be called the T-lifting of R. <\ 

In other words, we apply the functor T to the relation R, seen as a span Xi — R — X2 , 
and define TR as the image of TR under the product map {Ttti,Ttt2) obtained from the 
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lifted projection maps Tvr and Tvr'. In a diagram: 




TXi X TX2 



Let us first see some concrete examples. 

Example 3.2. Fix two sets X and X\ and a relation i? C X x X'. For the identity and 
constant functors, we find, respectively: 

TdR = R 

CR = idc- 

The relation lifting associated with the power set functor P can be defined concretely as 
follows: 

PR = {{A, A') £PX X PX' I Va G ^ 3a' G A' .aRa' and Ma' G A' 3a G A.aRa'}. 

This relation is known under many names, of which we mention that of the Egli-Milner 
lifting of R. Relation lifting for the finitary multiset functor is slightly more involved: given 
two maps /i G Bi_jX, fi' G B^^X' , we put 

/i B^^R /i' iff there is some map p : i? — > N such that \/x G X. ^{p{x, x') j x' G X'} = fi{x) 

and Vx G X' . J^ipi^^ x') \ x £ X} = /i'(x'). 

The definition of is similar. 

Finally, relation lifting interacts well with various operations on functors |25j. In par- 
ticular, we have 

To + TiR = %R\jTiR 

w^iR = {((eo,ei),(eo,ei)) I for^G{o,i}} 

T^R = {((/?, I ((/9(d), G TR for all d G D]. 

From this one may easily calculate the relation lifting of all extended Kripke polynomial 
functors of Example 12.31 

Remark 3.3. Strictly speaking, when defining the T-lifting of a relation R C Xi x X2, we 
should explicitly mention the type of i?, that is, the pair of sets Xi and X2. 

To see this, let Xi,X2,Yi and Y2 be sets such that Yi C Xj, for i G {1,2}. Now any 
relation i? C x I2 can also be seen as a relation between Xi and X2- But in general 
we do not have TYi C TXi, and so the relation TR C x 5^2 is not necessarily a relation 
between Xi and X2. It is easy to see that if T preserves inclusions, then this problem 
evaporates. Since we will assume T to be standard almost throughout the paper, we ignore 
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this subtlety for the time being. Readers who are worried about this may add the condition 
that T preserves inclusions throughout the subsections 13.11 and 13.21 

Remark 3.4. Relation lifting can be used to define the notion of a bisimulation between 
two coalgebras. Recall that, given two coalgebras Xi = {Xi,^i) and X2 = (X2,^2); a 
relation Z x Xi x X2 is a bisimulation if there is a coalgebra map C : Z — )• TZ making the 
two projection functions vri : Z — )• Xi and 712 : Z X2 into coalgebra morphisms. It can 
be shown that this is equivalent to requiring that ^i(a;i) TZ (,{x2) whenever xi Z X2- 

As mentioned, in this section we will discuss some important properties of relation 
lifting. We start with listing a number of properties that T-lifting has for any given set 
functor T. The proof of the fact below is elementary. 

Fact 3.5. Let T be an arbitrary set functor. Then the relation lifting T 

(1) extends T: Tf = Tf for_all functions f : Xi ^ X2, 

(2) preserves the diagonal: TIdx = Idxx for any set X; 

(3) is monotone: R Q Q implies TR C TQ for all relations R,Q Xi x X2; 

(4) commutes with taking converse: TR^ = {TRY for all relations R C Xi x X2. 

3.2. Weak pullback preserving functors. Fact 13. 51 states a number of operations on re- 
lations that interact well with relation lifting. Conspicuously absent in that list is relational 
composition: observe that T would be a functor on the category Rel if it would satisfy 
T{R ; Q) = TR ; TQ. Here we arrive at the main reason why we are interested in functors 
that preserve weak pullbacks: as we will see now, that property is a necessary and sufficient 
condition on T for T to be functorial. 

In fact, given the characterisation of (weak) pullbacks in the category Set, in terms of 
the relation pb (see Fact 12.71) . it is easy to formulate the composition R;Qoi two relations 
R and Q as a pullback of the projection maps 'rT2 and 7rf. Therefore it is not surprising that 
the question whether the T-lifting of a relation commutes with the composition of relations 
is tightly connected with the preservation of weak pullbacks by T. The following fact was 
first proved in j54]. 

Fact 3.6. A functor T : Set Set weakly preserves pullbacks iff for all relations R C 
Xi X X2 and Q C X2 x X3 we have 

T{R-Q) = TR-TQ. (3.1) 

Proof. First, assume that T preserves weak pullbacks and let R C Xi x X2 and Q C X2 x X3 
be two binary relations. The pullback of 7^2 and vr^ is given by the following set: 

ph := {{{xi,X2), (X3,X4)) I {xi,X2) G R, (X3,X4) G Q and X2 = X3}, 

and there is a surjective map e : ph{'K2i ~^ ^'iQ given by e(((xi, X2), (xs, X4))) = (xi, X4) 
with the property that 

TT^'*^ o e = 7r{^ o vr^'' and vr^''^ o e = vr^ o vrf''. (3.2) 

The situation is depicted in Figure [H 

We now prove (j3.ip . For the inclusion "C", let (2;,^) G T{R ; Q). By definition 

there exists some z G T{R ; Q) such that Ttt^'^{z) = x and r7r^'*^(z) = y. We know 

that e and thus also Te is surjective. Therefore there exists some z' G T{pb) such that 
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Xi X2 X3 

Figure 1: Composition of relations &: pullback 

Te{z') = z, and using ^ we obtain T^f (Tvrf (z')) = Ttt^'^ {Te{z')) = r^f'^(z) = x 
and similarly T-K2 {Tt:^ {z')) = y. On the other hand, by the definition of pb, we have 
Tir^iTTrfiz')) = T^f (T^f (2')) = u. This implies that {x,u) € T{R) and {u,y) £ T{Q) 
and we proved (x, y) S T{R) ; T{Q) as required. 

For the converse inclusion suppose that (x, y) G T{R);T{Q). We want to prove that this 
implies (x, y) € T(i? ; Q). It follows from (x, y) G ; T((5) that there is some u £ TX2 

such that (x,m) G ^(i?) and G T{Q); spelling out the definitions we find a £ TR 

and a G TQ such that r7r(^(nx) = x, Ti^'^i'^y) = 2/ ^-iid Ti:2{ux) = T7r^{uy) = u. By 
our assumption that T is weak pullback preserving we have that T{pb), together with the 
maps Tirf^ , Tt^I^ is the weak pullback of Ttt^ and Tvr^. Therefore there must be some 
z G T{pb) such that T7rf^{z) = and T'k1^{z) = Uy. This implies 

T^f'«(Te(z)) = T^f (T^f (z)) = T^f K) = x 

and likewise T7r^'*^(Te(z)) = y. By definition this means that (x,y) G T{R;Q) as required. 



For the converse implication of the statement of the proposition, suppose that T does 
not preserve weak pullbacks and let the following be a pullback that is not weakly preserved 
byT: 

P2 



P 



Pi 



f 



X2 



X3 



Then it is not difficult to see that the following isomorphic diagram, is also a pullback 
diagram that is not weakly preserved by T: 



R 



GrigT 



Gr{f)^^Xs 

^2 
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where Gr{f) and Gr{gY denote the graph of / and the converse of the graph of g, respec- 
tively, and R Q Grf x Grg^ is the pullback of vTg and Trf . We will show the existence of a 
pair (x, y) G Tf ; Tg" \ T{f ; g"), which is a clear counterexample to (13. ip . 
As before there is a surjection e' : R ^ f ; g" satisfying 

vrf'^" o e' = vrf o vrf and 7r{'^" o e' = tt( o vr^ (3.3) 

By assumption, {TR, Tvrf , vrl^) is not a weak pullback of TvTg and Tirf . Hence by Fact l2.7f 2) , 
there must be a zi G TGr{f) and a Z2 € TGr{gY such that Tt:2{zi) = Tvr^ (22) = u, while 

there is no z € TR such that T'Kf'{z) = z\ and TtiJ^^z) = 22- (3.4) 

Define x := TTr({zi) and y := TttI (^2)- Since tTj = / o 7r{, we have TtTj = Tf o TTr(, 
and so we find u = {Tf)x; likewise, we obtain u = {Tg)y. From this it is clear that 
(x, y) E Tf ; Tg". Now suppose for a contradiction that (x, y) £ T{f ; (7"). By definition this 
entails the existence of some z' € T(f ; g") such that Tir^'^ (z') = x and T-TTg'^ (z') = y. By 
surjectivity of e', and hence, of Te' , then there must be some z" € Ti? such that Te{z") = z' . 
Furthermore it follows from (j3.3p that 

X = T7r('^\z') = TTi{'^\Te'{z")) = TT^{{T^f{z")) 

and, similarly, y = Ttt^ (T7r^(z")). Both T7r{ and Tvrl are isomorphisms and thus we 
obtain T7r{^(z") = zi and Ttt2{z") = Z2 - & contradiction to ()3.4p above. □ 

Putting this together with Fact 13.5( 2.3) we immediately obtain the following. 

Corollary 3.7. Let T he a set functor and let T he the operation that maps a set X to 
TX := TX and a relation R to the T -lifting TR of R. Then the following are equivalent: 

(1) T preserves weak puUbacks; 

(2) T is a functor on the category Rel of sets and relations; 

(3) T is a relator, that is, a monotone functor on the category Rel. 

Closely related to this is an important consequence of the functor preserving weak 
pullbacks, namely that the notions of bisimilarity and behavioral equivalence coincide. 

Remark 3.8. In [46j it is proved that if T preserves weak pullbacks then for any pair of 
coalgebras X = {X,S,) and X' = {X',^'), two states x and x' are behaviorally equivalent iff 
there is a bisimulation (see Remark 13. 4p linking x to x' . 

3.3. Standard functors. As mentioned earlier on we will almost exclusively work with Set- 
functors that are standard. In Remark 13.31 we saw that this will ensure that the definition 
of the lifting of a relation R is independent of the type of R. Now we will see some further 
nice consequences of standardness for the notions of relation lifting. 

To start with, in case T is standard, T commutes with the domain and range of a func- 
tion; and if T preserves weak pullbacks in addition, then T also commutes with restrictions. 

Proposition 3.9. Let T be a standard set functor. Then 

(1) T commutes with taking domains: dom{TR) = T{dorr\R) for all relations R C Xi x X2. 

(2) T commutes with taking range: rng(Ti?) = T(rngi?) for all relations R C Xi x X2. 
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(3) // T preserves weak puUbacks, then T commutes with taking restrictions: 

T{R ) = {TR) \TY^y.TY2 

for all sets Xi,X2,Yi and Y2, with Yi C Xi and Y2 C Yi, and for all relations R Q 
Xi X X2. 

Proof. For part 1, we first consider the inclusion dom(Ti?) = T{6omR). Let R Xi x X2 
be a relation and take an element a G dom(Ti?). Then (a,/3) G TR, for some j3 G TX2. 
We denote by l : dom(i?) Xi the inclusion of dom{R) into Xi and hy tt[ : R ^ dom (ii) 
the restriction of the projection map tti : R Xi; then we have tti = l o tt[. By definition 
of T there exists some p G TR such that Ttii{p) = a and hence TL{TTr[{p)) = a. As T is 
standard this shows that a = Ttt[{p) G Tdom(i?) as required. 

For the opposite inclusion, let / : dom(i?) — )• rng(i?) be any map such that / C i?; then 
it follows that Tf C TR. In other words, for all a G r(domi?) we have a TR Tf{a). From 
this it is immediate that T(domi?) C dom(ri?). 

The proof of part 2 is completely analogous. For part 3, we refer to [35] Prop. 6.4]. □ 

Proposition 13.91 is particularly useful for linking the relation lifting of T to that of its finitary 
version T^^. 

Proposition 3.10. Let T be a standard and weak pullback preserving set functor, let T^ be 
its finitary version and let R'^ Xi x X2 be a relation. Then 

%R = TRn {T^Xi X T^X2). 

Proof. Let R C Xi x X2 be a relation and take a pair (q, /3) G T^^Xi x T^X2. By definition 
of there must be finite sets X[ Xi and X2 X2 such that a G T^X[ = TX[ and 
P G T^X'2 = TX'2. 

In order to prove the inclusion 5, assume that (a,/?) G TR. By Proposition 13.91 we 
have 

(a,/3)GTi? iflr (a, /?) G T(i? f^. ) (3.5) 

and because T^{R tx(xx^ ) ^ Tuj{R) the inclusion holds if we can prove that {a, (3) G T^^R' 
with R' := R \x[xX^ ■ The following diagram commutes: 

J-uj^l ^ Jtj-ft ^ ^-10^2 

TX[ ^ TR' ^ TX'2 

Therefore we have that (a, /3) G TR! iff (a, /3) G T^R! . By ([33]) we have (a, jS) G Ti?' and 
hence (a, /?) G T^^i?' as required. The proof of the opposite inclusion is similar. □ 

On the basis of Proposition 13.101 we will often be sloppy and write (a,/?) G TR instead 
of (a,/3) G T^R^ for elements a G Tt^X\ and /3 G T^X2. More importantly, Proposition 13. 101 
allow us to prove our earlier claim, that T^^ inherits the properties of standardness and weak 
pullback preservation from T . 

Proof of Proposition 12.111 Let T be a standard, weak pullback preserving set functor. 
In order to see that T^^ is standard consider two sets X, X' with X' C X and let t : X' — > X 
be the inclusion of X' into X. By the definition of T^ for every set X we have that T^^X is 
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a subset of TX and that tlie inclusion tx '■ T^jX 
that T^L is also an inclusion: 



TX is natural. It follows by naturality 



T^X'^ 
T,,X^ 



TX 



TX' 

Ti 

T^X 



More precisely, for all a G T^^X we have 

(nat. of r) 



rri / \ ^ standard 

1 iia] = a 



Tuji{a) = Tx{T^i{a)) TL{Tx{a)) 

which demonstrates that Ti^l is the inclusion map from T^^X' into T^X, and shows that T^^ 
is standard indeed. 

We now prove that T^^ preserves weak pullbacks. By Fact 13.61 it suffices to prove that 
for arbitrary relations i? C Xi x X2 and Q C X2 x X3 we have T^{R ; Q) = T^{R) ; Ti^{Q). 
In order to see this we use Proposition 13.101 We have 

ia,P) £%{R;Q) iff {a, (3) eTiR ; Q) \t^x,xT^Xs 

iff (a, /3) G T{R ; Q) \tx[ xTX!, for some X[ X^, X'^ X3 
iff (a, /3) G r((i? ; Q) fxjxx^ ) for some X( Xi,X'^ X3 
iff {a,f3)eTiR\x,^x, ■,Q\x^xxO 

for some Xi, X2, X3 X3 

iff (a,/3) GT(i?rx(xX^);T(Qfx^xX^) 

for some X[ Xi, X2 X2, X3 X3 
iff ia,P) e%{R);T:;{Q) □ 



Finally, we finish this subsection with noting that relation lifting interacts well with the 
natural transformation Base -.T^^P^. 

Proposition 3.11. Let T he a standard functor that preserves weak pullbacks. Given a 
relation R C Xi x X2 and elements Oi G TXi, i G {1,2}, it follows from ai TR a2 that 
Base{ai) PR Base{a2)- In particular, we have that Base{ai) C dom(i?) and Base{a2) C 
rng(i?). 

Proof. Let nf' be the projection of i? to Xj, then it follows from ai TR 02 that Ui = T7r^(p) 
for some p G TR. But then by naturality of Base we find that Base{ai) = Base{T'K^{p)) = 
{PTTf-){Base{p)), and so Base{p) G PR is a witness to the fact that Base(ai) PR Base{a2). 

□ 



3.4. Relation Lifting & distributive laws. A relation that plays an important role in 
our paper is the T- lifting of the membership relation G. If needed, we will denote the 
element relation, restricted to a given set X, as the relation Gx ^ X x PX. 

Definition 3.12. Given a standard functor T that preserves weak pullbacks, we define, for 
every set X, a function A^^ : TPX — > PTX by putting 

A3^($) := {a g TX I a Tgx 
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Elements of A^(<I>) will be referred to as lifted members of The family = {A^jxeSet 
will be called the T -transformation. <1 

Properties of T are intimately related to those of A^. In order to express the connection, 
we need to introduce the concept of a distributive law. 

Definition 3.13. Let T be a covariant set functor. A distributive law of T over a (co- 
or contravariant) set functor M is a natural transformation 6 : TM — >■ MT; that is, the 
following diagram commutes, for every map f : X Y: 

TMX MTX 



TMf 



MTf 



TMY MTY 

(Clearly, in case M is a contravariant functor the downward arrows have to be reversed.) 
For 9 to be distributive law of T over a set monad {M,ri,fi), we require in addition that 6 
is compatible with the monad structure, in the sense that the following diagrams commute, 
for every set X: 

TX TMX TMMX MTMX — t MMTX (3.6) 




X 



MX 



TMX ^ MTX 

ex 

If the functor T preserves weak pullbacks, the T-transformation provides a distribu- 
tive laws of T over the power set monad V = {P, {■},\J)- A detailed proof of this fact can 
be found in [291 Sec. 4]. 

Fact 3.14. If T preserves weak pullbacks, A^ = {^}x&Set is a distributive law of T over 
the power set monad V. 

What it means, set-theoretically, for A^ to be a distributive law of T over V is the 
following. The fact that is a natural transformation from TP to PT is another way of 
saying that for every map f : X ^ Y, and every object ^ £ TPX, we obtain the lifted 
members of TP$ by applying the operation Tf to the lifted members of ^. The diagram on 
the left of (j3.6p . relating the singleton map 7]x '■ X PX to the T-transformation, states 
that an object a £ TX is always the unique lifted member of the lifted set Tr]x{oi)- To 
understand the diagram on the right, recall that the multiplication of "P is the union map 
Ux : PX- Applying the functor to this we obtain a map TlJx : TPPX TPX. 

Observe that given an object <I> G TPPX, we may thus take lifted members of (T\Jj^){^); 
however, we may also take lifted members of $ itself, and since each of these will belong 
to the set TPX, we may repeat the operation of taking lifted members. Now the right 
diagram in ()3.6p states that the lifted members of (T\J^){^) coincide with the objects we 
may obtain as lifted members of lifted members of 

Remark 3.15. The existence of a distributive law of a set functor T over the power set 
monad V corresponds to an extension of the functor T to the Kleisli category KI('P) of 
v. Furthermore it is easy to see that KI('P) is isomorphic to the category Rel of sets 
with relations. Putting these facts together it is clear that any distributive law of a set 
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functor T over V corresponds to an extension of T to a functor on the category Rel. We 
saw in Corollary 13.71 that the T-lifting of a relation can be used to extend T to a functor 
T : Rel Rel iff T preserves weak pullbacks. In this case A"^ is the corresponding distributive 
law. Further remarks and references can be found in Section I 



Perhaps somewhat surprisingly, the T-transformation can be also seen as a distributive 
law over the contravariant power set functor. 

Proposition 3.16. Let T : Set — > Set be a functor that preserves weak pullbacks. Then 
is a distributive law of T over the contravariant power set functor. 

Proof. Let f : X Y he a function. We have to show that the following diagram commutes: 

TPY PTY 



TPf 



PTf 



TPX PTX 

This can be verified by a straightforward calculation: 

a G A3^((rP/)(cI>)) iff ^TPf-T3x)a iff $(r(P/ ; 9x))a 
iff $(r(9y;r))a iff $(r9y;rr)a 
iff Tf{a) E Ay($) iff a G (Pr/)(Ay (^>)) 

Here we freely apply properties of relation lifting, and in the third equivalence we use the 
easily verified fact that Pf ; 9x = 3y ; D 

In our paper both distributive laws play an important role. The fact that ^ is a dis- 
tributive law over P is essential for proving that the semantics of Moss' logic is bisimulation 
invariant, and the distributivity of T over the monad V is crucial for the soundness of our 
axiomatization. 

To finish this subsection, we gather some elementary facts on the T-transformation. 

Proposition 3.17. Let T be a standard, weak pullback-preserving functor, let X be some 
set and let $ G T^PX. 

(1) 7/0 G Base{^) then A^($) = 0. 

(2) If Base{^) C {Y} for some F C X, then A^($) C TY . 

(3) If Base {^) consists of singletons only, then |A"'"(<I>)| = 1. 

(4) IfT maps finite sets to finite sets, then for all $ G T^^P^jX , |A"^(^>)| < to. 

(5) //«> G T^PujX, then )^{<^>) G PT^X . 

Proof. For part 1, assume that G Base{^) and assume for contradiction that a is a lifted 
member of <I>. It follows by Proposition 13.111 that Base{a) Pg Base{^). But from this 
it would follow, if G Base{^), that Base{a) contains a member of 0, which is clearly 
impossible. Consequently, the set A-^($) must be empty. 

In order to prove part El assume that <I> G T{Y}, for some subset Y of X, and suppose 
that a Tg ^. Then by Proposition 13.9( 3) we have a ^St^xiv} *^ part 1 of the 

same Proposition we find a G Tdom(Gf_^^ ) = TY. 

For part 3, observe that another way of saying that Base{^) consists of singletons only, 
is that <I> G Ti^Sx, where Sx ^ PX is the collection of singletons from X. Let 9x '■ Sx — > X 
be the inverse of rjx, that is, Ox is the bijection mapping a singleton {x} to x. Clearly then. 
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the map T^^Ox ■ T^^X — )• T^Sx is a bijection as well. In addition, we have 9x" = from 
which it follows by elementary properties of relation lifting that (TOxY = T^x- From this 
it is immediate that if $ G Ti^Sx, then (T9x)i^) is the unique lifted member of <I>. 

Concerning part 4, assume that $ € T^^Pi^X. Then by definition, $ E Ty for some 
y PujX. From this it follows that y C PY for some finite Y C X, and this implies 
that Base{^) C PY. If a is a lifted member of then by Proposition 13.111 we obtain 
Base{a) Pg Base{^), and so in particular we find Base{a) C [J Base{^) C Y. From this 
it follows that X^(^>) C TY, and so by the assumption on T, the set A"^(<I>) must be finite. 

Finally, we consider part 5. Take an object $ € T^P^jX and let a £ TX be an arbitrary 
lifted member of ^. Reasoning just as for part 4, we obtain that a € TY for some finite 
Y Q X, and so by definition of we find that a G T^X. □ 

3.5. Slim redistributions. The syntax of Moss' logic is built using negations, conjunc- 
tions, disjunctions and the V-operator. An axiomatisation of the logic has to specify the 
interaction of these operations. As we will see, so-called slim redistributions are the key to 
understand how conjunction interacts with the V-operator. 

Definition 3.18. Let T be a set functor. A set $ € TPX is a redistribution of a set 
A € PTX if A C A3^($), that is, every element of ^ is a lifted member of In case 
A G P^T^^X, we call a redistribution $ slim if $ E Ti^Puj{[ja&A Base{a)). The set of slim 
redistributions of A is denoted as SRD {A) . <1 

Intuitively, redistributions of A are ways to reorganize the material of A. The slimness 
condition $ G Ti^Pi^{\J^^^ Base{a)) should be seen as a minimality requirement, ensuring 
that <1> is 'built from the ingredients of A\ 

Example 3.19. First we consider the binary C-labelled tree functor Be of Example 12.31 
Let vTc, TTi and 7r2 denote the respective projections from BcX to C, X and X, respectively. 
An object <I> € BqPX is of the form (c, Y, Z) with c G C and y, Z G PX. Such a <1> is a 
redistribution of a set ^ = {(cj, i/j, Zj) | i G /} BcX iff for alH G / we have Cj = c, ?/j G y 
and Zi G Z, and such a redistribution is slim if in addition, YUZ C {y^ | i G /}U{zj | i G /}. 
On this basis it is not hard to derive that 



Remark 3.20. For our purpose it would suffice to consider instead of SRD (A) a smaller 
set SRD' (A) as long as it order-generates SRD (A) in the sense that for all $ G SRD (A) 
there is ^' G SRD'{A) such that $'T(C)$. Such an SRD'{A) can replace the SRD{A) in 
the rule (V2) that will form a crucial part in our derivation system. In the example above, 
SRD' (A) can be given by simplifying the third clause to 



We thank Fredrik Dahlqvist for pointing out that this clause does not give SRD (A). 

Example 3.21. In case we are dealing with the power set functor P, first observe that 
given a set X, the relation PGx Q PX x PPX is given by 




{{CA, Si, S2) I TTjlA] C Sj C ni[A] U 7T2[A] for j = 1, 2} 



if A = 

if |7rc[^]| >2 

if 7rc[A] = {ca} 



{(c^,7ri[^],7r2[A])} if TTc[A] = {ca} 
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On the basis of this observation it is easy to check that $ G PX is a redistribution of 
A G PPX if U ^ ^ U *^ and a n /3 / for ah a G ^4 and /3 e ^. Furthermore, we obtain 

$ G SRD{A) iff y A = y $ and a n /3 7^ for all Q G ^, /3 G 

Hence, in the case of the power set functor we are dealing with a symmetric relation: 
$ G SRD{A) iff yl G SRD{<^>). 

The following observation, which is due to M. Bflkova, shows that slim redistributions 
naturally occur in the context of distributive lattices. 

Example 3.22. Let ID be a distributive lattice. The distributive law for B can be formulated 
as follows. For any set A G P^jP^D^ we have 

AV«= V A^"gW' 

where CF{A) is the set of choice functions on A, that is, CF{A) is the set of maps ^ : A ^ D 
such that 7(0;) G a, for all a (z A. Then it is straightforward to verify that the set 
{rng(7) I 7 G CF{A)} is in fact a slim redistribution of A. 
In fact, we may prove that 

AV«= V VA^- (3-7) 

Later on we will see that our axiom governing the interaction of V with conjunctions, 
generalizes (|3.7p . 

We finish the section with a proposition for future reference. 

Proposition 3.23. SRD{0) = T{0}. 

Proof. If <I> is a slim redistribution of the empty set, then by definition $ G TP^{0) = T{0}. 
Conversely, any <5 G T{0} satisfies the condition that C A-^(<I>), and so G SRD{0). □ 

3.6. Notes. The relation lifting via spans as in Definition 13.11 was defined by Barr in [10^ 
Section 2]. Without stating it explicitly, he also proves that the relation lifting T is a 
functor on Rel iff T preserves weak pullbacks; see also Trnkova |54] and, for a generalisation 
beyond set functors, Carboni, Kelly and Wood [181 4.3] and Hermida [2U Theorem 2.3]. [18] 
also studies the question which functors Rel — )• Rel arise from functors Set — )• Set. Closely 
related notions of relator, also accounting for simulation as opposed to only bisimulation, are 
studied by Thijs [53] and in the context of coalgebraic logic by [9l[19l[27]. The connection 
between coalgebraic logic and relation lifting goes back to the original paper by Moss |41j 
which introduced V and defined its semantics by using relation liftings, albeit without 
making this notion explicit. Independently, essentially the same notion of relation lifting 
was studied in a fibrational setting by Hermida and Jacobs [25]. For a comparison of the 
notions of bisimulation arising from relation lifting and related definitions see Staton [51] . 

The relation lifting can also be obtained via a distributive law between a functor and 
a monad as in Definition I3.13( which is a slight, commonly used variant of the notion of 
a distributive law between monads |llj . As shown in |11] . there is a 1-1 correspondence 
between distributive laws and liftings of functors to the category of algebras. Similarly, 
distributive laws A : TM MT between a functor T and a monad M, or monad op- functors 
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(T, A) : (Set,M) — > (Set, M) in the terminology of Street [52], are in 1-1 correspondence 
with hftings T of T to the Kleish category of M. 

We thank Dirk Hofmann, Jiff Velebil and Steve Vickers for pointing out various refer- 
ences and their significance. 



4. Boolean algebras and their presentations 



4.1. Boolean- type algebras. It will be convenient for us to work with a syntax for 
Boolean logic and Boolean algebras, in which the finitary meet and join symbols, /\ and 
V, respectively, are the primitive symbols for the conjunction and disjunction operation, 
respectively. 

Definition 4.1. Given a set X, we let Cq{X) denote the set of Boolean terms/formulas 
over X, defined by the following grammar: 

a ::= x G X \ \ \Jip \ /\ip, 

where </? is a finite set of Boolean terms. We abbreviate _L := \/ and T := /\ 0, and if no 
confusion is likely we will write Co '■= C,o{0)- < 

Observe that each Cq{X) is non-empty, always containing the elements T and _L. 
The above definition can be brought in coherence with the categorical perspective of 
section [21 as follows. 

Definition 4.2. We define the category Boole of Boolean-type algebras as the algebras for 
the functor Set Set, X i-^ X + PujX + P^jX. A Boolean-type algebra will usually be 
introduced as a quadruple B = {B, -t^, /\^, \/^), where B is the carrier of the algebra, and 
-.B ^B, and A"^, V'^ : P^{B) B the Boolean operations. < 

Note that this perspective has built in that both conjunction and disjunction are com- 
mutative, associative and have a neutral element. 

We let U : Boole — > Set denote the forgetful functor, and F : Set Boole its left adjoint; 
that is, given a set X, FX denotes the absolutely free Boolean- type algebra, or Boolean 
term algebra, over X. Note that ¥X is not a Boolean algebra. Given a set X, observe that 
U¥{X) consists of the set Cq{X) of all Boolean terms/formulas using the elements of X as 
variables. In fact, we may extend Cq to the set functor Cq : Set Set given by 

Cq := U¥. (4.1) 

In this way we obtain the well-known term monad for the Boolean signature with the usual 
unit Tj : Id ^ Cq ('variables are terms') and multiplication : CqCq — )• ('terms built 
from terms are terms'). 



Co 



C Set Boole 



u 



In particular, for any / : X — > CqY there is / : CqX — > CqY which extends / and can be 
defined as the composition fiy ° CqJ. Logicians will recognise / as the substitution induced 
by/. 



24 



C. KUPKE, A. KURZ, AND Y. VENEMA 



Definition 4.3. Given a set X and a Boolean-type algebra B, a map / : X — )■ UM is called 
an assignment. Because of the adjunction F H [/, such an assignment has a unique extension 
to a Boole-homomorphism, denoted by 

/: FX ^B. 

This map / is the meaning function induced by /. <1 

Definition 4.4. A Boole-type algebra B is a Boolean algebra if it satisfies the inequalities 
of Table [21 

We let P : Set — )• BA"^ denote the contravariant power set algebra functor. That is, 
given a set X, we let PX denote the power set algebra of X, and for a map / : X — ?> y, the 
homomorphism P/ : Py PX is provided by the map = Pf. <\ 



4.2. Presentations of Boolean algebras. It has become a standard tool in mathematics 
to define an algebraic structure by means of a presentation by generators and relations. 
Usually, these definitions are given in the category-theoretic sense, and in particular do 
not distinguish isomorphic structures. Our proof-theoretic analysis of the logic requires us 
to be very precise here, and for this purpose we have developed a small piece of theory 
on 'concrete presentations'. We want to stress the fact that whereas we only talk about 
Boolean algebras here, the results in this section in fact apply to a wide universal algebraic 
setting. 

Definition 4.5. A presentation is a pair (G; R) consisting of a set G of generators and a 
set R C Cq{G) X Cq{G). Given such a relation i?, let =r C Cq{G) x Co{G) be the least 
congruence relation on the term algebra FG extending R such that the quotient FG/=^ is 
a Boolean algebra. We say that this quotient is the Boolean algebra presented by {G;R), 
and denote it as B{G; R). Given a presentation (G; R), we let 

V(G;R) ■■ 9 ^ [g]- (4.2) 

define a map r](G;R) ■ G — > UB{G;R). <1 

It is straightforward to verify that 'i]{G\R) is the quotient morphism from FG to B{G\ R), 
with kernel ker(77^g.^^) = =ji. 

Relating this definition of presentations to the more usual one, first observe that a 
'relation' is nothing but an equation over the set of generators (but note that generators 
should not be seen as variables). Accordingly, given a presentation (G; R), a Boolean algebra 
B, and an assignment f : G —j' UM, we say that a relation {s,t) G is true in B under /, 
notation: B, / ^ s ~ t, if f{s) = f{t). B is a model for R under / if B, / ^ s ~ t for all 
{s,t) G R. It is straightforward to verify that B{G;R) is a model for R under rji^Q.jiy We 
can now formulate the following proposition, of which we omit the (straightforward) proof. 

Proposition 4.6. Let (G; R) be a presentation, and let M be a model for R under the 
assignment f : G ^ UM. Then there is a unique homomorphism f : B{G;R) — >■ B that 
extends f in the sense that f'{[g]) = f{g). In a diagram: 

^^UB{G;R) 
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The universal property of B {G; R) expressed by the above proposition is usually taken 
as the definition of the Boolean algebra presented by a presentation. 

In order to turn the class of presentations into a category we need to define a notion of 
morpliism between two presentations. 

Definition 4.7. A presentation morphism from one presentation (G; R) to another (C; R') 
is a map f : G ^ Cq{G') satisfying /(s) =ri J{t) for all G C.q{G) such that {s,t) € R. 
Given two presentation morphisms / : {G;R) {G';R') and g : {G';R') {G";R"), we 
define their composition g o f : G Co{G") as the map given by 

go f{x) ■=g{f{x)), 

and the identity presentation on {G;R) as the function id^Q.ji-^ : G — >■ >Co(G) mapping a 
generator x G G to the term x G CqG. <\ 

The verification that the above defines a category is routine. Category theorists will 
note that identity and composition are those of the Kleisli category associated with the 
monad Cq. 

Definition 4.8. We will let Pres denote the category with presentations as objects and 
presentation morphisms as arrows. < 

We will now extend the construction i? of a Boolean algebra out of a presentation to a 
functor B : Pres BA, and define a functor C : BA — > Pres in the opposite direction. 

Definition 4.9. Given a presentation morphism / : (G; R) — >■ (G'; R'), it is easy to see that 
the map Bf : FG/=^ ^ ^G'/=^, given by 

Bf ■■ [s]{G;R) ^ [f{s)]{G';R') 

is well-defined. 

Conversely, given a Boolean algebra B, define its canonical presentation as the pair 
CM := (C/B; Ab). Here UM is the underlying set of B, and Ab is the diagram of B, defined 
as follows: 

Ab := {(a, ^b) \a,beUM with a = -^H} 

U {{a, f\ip) \{a}l}ip UM with a = /\^^p} 
U {(a, \/ip) I {a} UipC^UM with a = \/*(p}. 
Given a homomorphism / : B ^ B' between two Boolean algebras, we let 

Cf:b^f{b) 

define a map G/ : C/B ^ /:o(?7B'). < 

Proposition 4.10. B : Pres — ^ BA and C : BA Pres are functors. 

Further on we will make good use of the following definition. 

Definition 4.11. A presentation morphism / : {G;R) — ?> {G';R') is a pre-isomorphism if 
there is a morphism g : {G';R') {G;R) such that gf{s) =ji s and fg{s') =^1 s', for all 
terms s € CqG and s' € CqG' . This g is called a pre-inverse of /. < 

Proposition 4.12. Let f : {G;R) — )• {G';R') be a presentation morphism. Then f is a 
pre-isomorphism iff Bf is an isomorphism. 
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Proof. For the direction from left to right, let / be a pre-isomorphism. We confine ourselves 
to proving that Bf is injective. For this purpose assume that B f{[s](^Q.fj^) = 5/([i](G;i?,))- 
Then by definition we have [/s](G';i?/) = [/^](G';H'>' equivalently, fs =ri ft. From this 
it follows by the assumption that s =/j gfs =/j gft =fi t, and so it is immediate that 

[s]{G;R) = [t\{G;R)- 

Conversely, assume that Bf is an isomorphism between B{G;R) and B{G';R'). Let 
g : G' ^ CqG be such that g{x') £ {Bf)^^[x'] for every generator x' £ G' . We claim that 
Bg = {Bf)~^. To see this, note that it is straightforward to check that g{s') € {B f)~^[.s']; 
from this it follows that iBf)~^{[s'](^Qi.jii^) = [gs'](^G;R)- 

In order to see that g is a pre-inverse of /, consider an arbitrary term s € jCqG. 
Clearly we have [s](G;_r) = {B f)~^ {B f)[s](^G;R) ^ ^^'^ so by definition and the above ob- 
servation, we find [s](G;R) = (^/)"M/«](G';R'> = [9fs](G;R)- This means that s =r gfs, 
as required. Conversely, let s' be an arbitrary term in CqG' . Then we have [s'](^g'\R') — 

{Bf){Bf)-^[s'](^G';R') = Bf[gs'](^G;R) = [f9s']{G';R'), OT equivalently, s' =r' Jgs' . □ 

The functors B and G are very close to forming an equivalence between the categories 
Pres and BA. More precisely, we can formulate the following connections. Given a presenta- 
tion (G; i?), it is not hard to verify that the insertion of generators 'r]{G\R) ■ ^ ~^ UB{G; R) 
defined in (|4.2p is in fact a presentation morphism 

V{G;R) ■■ {G;R) ^CB{G;R). 
Conversely, given a Boolean algebra B, let ids denote the identity map on B := UM, and 
recall that id b denotes the unique homomorphism id b '■ FC/B — )• B extending ids- It is not 
difficult to show that idB{t{bi, . . . , = t^{bi, . . . , and so we may think of id as an 
evaluation map. We leave it for the reader to verify that for all s,t £ ¥UM, we have 

s =cBt iS idB{s) = idsit). (4.3) 

From this it follows that the map eb : BCM B given by putting, for any t(bi, . . . , 6„) € 
CoiUM): 

68 : [t{bu...,bn)]^t^{h,...,bn) (4.4) 

is a well-defined homomorphism from BCM to B. 

Theorem 4.13. The functors B and G form an adjoint pair B -\ G , with unit rj : /fipres ~^ 
GB and counit e : BG Id^A given by (|4.2p and (j4.4p . respectively. Furthermore, each 
arrow tk^q-r^ : {G;R) GB{G;R) is a pre-isomorphism, and each arrow ■ BGM — t- B is 
an isomorphism. 

Proof. Let us start with showing that ry : /dpres CB is indeed a natural transformation. 
That is, given an presentation morphism / : {G; R) {G';R') we have to show that the 
following diagram commutes. 

{G;R) ^^^GB{G;R) 

CBf 

{G';R')-^GB{G';R') 
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For this purpose it suffices to check that the two compositions, CB f orji^Q.^j}^ (x) and ri(^Q/.jii'j o 
f{x) agree on an arbitrary generator x G. But this is immediate: 

CBf o 'n(^G;R){x) = CBf[x] = [fx] = V{G';R'){fx) = ri{G';R'){fx) = {V{G';R') ° f){x)- 

In order to prove that 1]{G;R) is a pre-isomorphism, let g : UB{G;R) CqG be any map 
such that g{[s]) € [s] for any element [s] G UB{G; R) . It is easy to check that g is a 
presentation morphism and that f]{G;R) ^'^^ 9 pre-inverses of each other. From this it is 
immediate that f]{G;R) is a pre-isomorphism. 

Turning to the counit of the adjunction, let / : B - 
Boolean algebras. Let . . . ,^n)]; with each hi in B, 
Then we compute 

/oeB[t(6i,...,6„)] = /(t''(6i,...,6n)) 
= ti^'(/6i,...,/6„) 
= ^w[t{fhi, . . .Jhn)] 
= eM'{mbi,...,bn))] 
= ew{BGf)[t{bi,...,bn)] 
This shows that the following diagram commutes: 



■> B' be a homomorphism between 
be an arbitrary element of BCM. 

(definition of e) 
(/ is a homomorphism) 
(definition of e) 

(definition of /) 
(definition of B and C) 



BC 

BCf 



f 



and thus proves that e is a natural transformation. 

To show that eB is an isomorphism, it suffices to check injectivity. But by a straight- 
forward term induction it is easy to prove that every term t{bi, . . . , i^) in JCqUM satisfies 

t{bi,...,bn) =CBt^{bl,...,bn). 

Hence if eB[s(ai, . . . , a^)] = eM[t{bi, . . . ,bn)], then by s(ai, . . . , a^) =cb s^{ai, . . . , ak) = 
t^{bi, . . . , hn) =CB t{bi, . . . , hn), we immediately find that [s(ai, . . . , a^)] = [t(6i, . . . , as 
required. 

Finally, in order to prove that H C, by [40 1 Theorem IV. 1.2] it suffices to prove that 
(i) for any Boolean algebra A, the composition 

CA ^ CBGk ^ CA 
is the identity on CA, and that (ii) for any presentation {G;R), the composition 

B{G;R) ^'^-^'^ BCB{G;R) '"-^^ B{G;R) 

is the identity on B{G; R). Both of these facts can be checked by a straightforward unrav- 
elling of the definitions, which we will leave as an exercise for the reader. □ 
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Remark 4.14. What keeps B and C from forming an equivalence of categories is that the 
unit ?7 is a 'natural pre-isomorphism' rather than a natural isomorphism. We could remedy 
this by changing the notion of arrow in the category of presentations but this would be 
disadvantageous in our completeness proof, when we construct a stratification of our logic. 

Remark 4.15. We indicate how the present section generalises beyond Boolean algebras, 
as suggested by a referee. We have been working with three categories, BA, Boole, and Pres. 
Instead of Boole consider a category B with forgetful functor U : B ^ Set and left-adjoint F 
of U. Instead of BA consider a category A and a full inclusion I : A B with a left-adjoint 
L of /. Now, we can define a category Pres. Pres has as as objects pairs {G, R) where 
G is a set and i? is a relation given by a pair of arrows R ^ UFG, or equivalently, by 
FR ^ FG. A presentation morphism / : {G,R) {G',R') is then an algebra morphism 
f : FG ^ FG' such that for all A e A and all v : FG' I A, if v equalises FR' ^ FG' 
then V o f equalises FR ^ FG. The functors B : Pres — > A and G : A Pres can then 
be defined as above. Indeed, for A A we let the canonical presentation GA be the kernel 
pair of the map UFUIA UIA, given by the counit oi F -\ U at I A; and B{G,R) is 
given by the coequaliser of LFR ^ LFG. As in Theorem I4.13t one can now show that 
B -\ G and that the counit BG Id is an iso. Moreover, the proofs do not depend on 
the base category Set and only require rather general assumptions about kernel pairs and 
coequalisers (which are certainly fullfilled whenever A and B are varities, that is, classes of 
algebras given by operations of finite arity and equations). 

5. Moss' COALGEBRAIC LOGIC 

In this section we will recall the definitions of Moss' coalgebraic logic and its semantics j41) . 
or rather, the finitary version thereof developed by Venema [55] . 

5.1. Syntax. As mentioned in the introduction, the key idea underlying the syntax of 
Moss' language for reasoning about T-coalgebras is to include a modal operator V into the 
language whose 'arity' is given by the functor T itself, in the same way that P^j is the 'arity' 
of our conjunction and disjunctions. In the finitary version of the language, the arity of 
V is given by the finitary version T^^ of T. In brief, the language C will be defined by the 
following grammar: 

a ::= -la | /\ip \ \/ip j Va 
where if E P^^C and a G T^C For the purpose of this paper we need some further syntactic 
definitions. 

Definition 5.1. Let T : Set Set be a standard, weak pullback preserving set functor 
and let be the finitary version of T. The language C of the finitary Moss language for 
T is defined inductively. We first define Cq as the set Co{0) of closed Boolean formulas 
(see Definition 14. ip . For the inductive step, we start with introducing the set functor 
defined by, for a given set X and function f : X ^ Y, 

TJX := {Va\aeT^X}, 

Tj/(Va) := VT/(a). 

We continue the inductive definition by putting 
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Finally, we define L as the union £ := UiGw rank or (iepi/i of a formula a ^ C 

is the smallest natural number n such that a ^ Cn- <] 

Using BNF notation, we can recast the above definition as 

Cq3 a ::= -lO | f\ip \ 

where if C^^ Cq, and 

9 a ::= Va | \ /\ip \ \Jip 

where a G T^Ci and ip G Ptj£i+i. 

Despite its unconventional appearance, the language C admits fairly standard defini- 
tions of most syntactical notions. As an example we mention the notion of a subformula. 

Definition 5.2. We define the set Sfor{a) of suhformulas of a by the following induction: 



Sfor{^a) 

Sfor{y^) 
Sfor{Va) 



{^a} U Sfor{a) 
{Av^}uUae^'5M(a) 



The elements of Base{a) C Sfor{Va) will be called the immediate subformulas of Va. < 

On the basis of this definition it is not difficult to prove that every formula in C has 
only finitely many subformulas. This is in fact the reason why we call our language the 
finitary version of Moss'. 

Remark 5.3. In order to formulate and understand the interaction principles between 
nabla and the Boolean operations, we need to think of the propositional connectives as 
functions on formulas. Taking disjunction as an example, observe that we may think of 
it as a map \l : P^^C ^ C. Thus we may apply the functor T^^ to this map, obtaining 
T\l : Ti_jPi_jC — )■ Ti^C (Recall from our discussion on the finitary version of a functor that 
to simplify notation we will write T\/ rather than T^^ \/ .) Hence, for $ G Ti^P^C, we find 
{T\J)^ G T^^C, which means that V{T\J)^ is a well- formed formula. The same applies 
to the formula V(T/\)<I>, and similarly, we may think of negation as a map -!:£—>•£, 
and obtain T-i : TC — t- TC; thus for any formula Va, we may also consider the formula 
V(T^)a. 

Remark 5.4. The reader may be surprised that we did not include propositional variables 
in our language. The reason for this is that we may encode these into the functor. More 
precisely, given a functor T and a set Prop of proposition letters, recall from Example 12.2( 5) 
that the T-models over Prop can be identified with the coalgebras for the functor Tprop = 
P(Prop) X T. Hence we may use the language C associated with Tprop to describe the 
Prop- models based on T-coalgebras, see Example 15.10( 3). 

Convention 5.5. Since in this paper we will not only be dealing with formulas and sets of 
formulas, but also with elements of the sets T^^C, P^T^C and T^P^^C, it will be convenient 
to use some kind of naming convention, see Table [1] below. 

It will be useful later on to have a more categorical description of the finitary Moss 
language for a functor T. For this purpose we need the following definition. 
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Set 


Elements 


L 


a,6, ... 




a,/3, . . . 






PTC 


A,B,... 


T P C 





Table 1: Naming convention 

Definition 5.6. We define the category Boolev of Moss algebras as the algebras for the 
Moss functor Am '■ Set — >■ Set, given as: 

Am := Id + P^ + P^ + T^, 

That is, for a set S, AmS is the disjoint union of S, two (disjoint copies) of P^S, and T^jS; 
for a map /, Am/ is defined accordingly. 

A Moss algebra will usually be introduced quadruple B = (B, A", V", V^), 
where {B,^^,/\ , V ) is a Boole-type algebra, called the Boolean reduct of B, and V'^ : 

TujB — 7- S is the nabla operator of B. <] 

Given a Moss algebra B, there is a unique, natural way to interpret >C-terms as elements 
of the carrier B of B. This meaning function mng^ : C UM can be defined by a 
straightforward induction on the complexity of formulas. For instance, the clauses for 
/\ and V are 

mng^{l\ip) := f\^{Pmng^){<f) 

mng^{Va) := V^{Tmng^){a) 

Categorically speaking, this means the following. We may view Moss' language itself 
as a Moss algebra, by interpreting the function symbols as the corresponding syntactic 
operation, as usual in universal algebra. Note that in order to prove that V^a belongs to 
C, it is crucial that V is a finitary operation: from a G T^C it follows that a S T^Cn for 
some finite n, and then we may proceed with Va € Cn+i C C. The arising algebra, that 
we will also denote as C, is a rather special Moss algebra, namely, the initial one. Apart 
from the fact that the syntax of C is slightly unusual, the proof of the proposition below is 
standard universal algebra, and so we omit it. 

Proposition 5.7. C is the initial Moss algebra: given an arbitrary Moss algebra B, the 
meaning Junction mng-^ is the unique homomorphism from C toM. 

Before moving on to the coalgebraic semantics of £, we finish our discussion of its 
syntax with the following definition, for future reference. 

Definition 5.8. Let T : Set — > Set be a set functor and let T^^ be the finitary version of T. 
We define the functor Ci : Set — ^ Boole by putting 

< 

On occasion, we will consider C\ also as a Boole valued functor allowing us to write 
Ci = VT^ Cq. The notation C\ is in accordance with the definition of C\ as the fragment 
of rank one formulas in £, by the observation that Ci = {Cq o T^){jC.q) = CqT^ £q{0). 
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5.2. Semantics. Given all the preparations we have made in the previous sections, the 
definition of the semantics of the language is completely straightforward. 

Definition 5.9. Let T : Set — )• Set be a standard, weak pullback preserving functor, and 
let X = {X,S,) be a T-coalgebra. The satisfaction relation Ihx X x C is defined by the 
following induction on the complexity of formulas: 

X Ihx if X l/x a, 

X il~x f\V if X Ihx a for all a ^ if, 

X Ihx V if X Ihx a for some a & ip, 

X Ihx Va if ^{x) Tlhx a. 

If X Ihx a we say that a is true, or holds at x in X. We may omit the superscript when no 
confusion is likely, writing Ih instead of Ihx. 

In case a holds throughout X, that is, at every state of X, we write X Ih a. < 

Before we turn to look at some examples, we should argue for the well-definedness of the 
relation Ih. In particular, when looking at the clause for the nabla modality, the reader 
might be worried whether this is an inductive definition at all, since the defining clause, 
'^(x) Tlh a\ refers to the full forcing relation. The point is that because of our assumptions, 
T commutes with restrictions, and so we have 

(e(x), a) G T(lh) ^ (C(X), a) e T^XxBaseia) )• (5-1) 

Thus, in order to determine whether Vq holds at x or not, we only have to know the 
interpretation of the immediate subformulas of a (that is, the elements of Base{a)). In 
other words, if using the right hand side of (15. ip rather than the left hand side, we would 
have an equivalent, inductive, definition of the semantics. 

Example 5.10. 

(1) Let T be the C-stream functor given by TX = C x X for some set C. Then Vt takes 
as its argument a pair (c, a) where c G C and a is a formula in C. The formula V(c, a) 
is true in a T-coalgebra (X,^) at a state x if .^(x) = (c',y) with c = c' and y Ih a. 

(2) The nabla operator Vp associated with the power set functor P is the cover modality 
discussed in the introduction. 

(3) If Tprop is the T- model functor of Example 12.3( 5). associated with a functor T and a 
set Prop of proposition letters, then V^p^op takes as its argument a pair (vr, a) consisting 
of a set vr C Prop and a set a . The meaning of the formula Vft:(-7r,Q) can be 
expressed as 

VTp,„p(7r, a) = {f\pA f\^p)A Vya. 

pGvr p^TT 

(4) Finally, let T = be the finitary distribution functor. In this case, takes as 
argument a distribution ^ : £ — > [0, 1] of finite support. Given a T-coalgebra X = (X,^) 
and some x G X we have x Ihx V_D;^/x if for all y G X and all a G £ there are real numbers 
Py,a G [0, 1] such that 

Py,a^O implies y Ih a, ^(x)(y) / 0, ^(a) 7^ and 

Py,a' = C{x){y) for all y G X and 

Py^a = for all a G C 

vex 
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The state-based semantics of the logics as presented in Definition 15.91 can be brought in 
accordance with the earher algebraic perspective by the observation that every T-coalgebra 
naturally induces a Moss algebra, namely its complex algebra. 

Definition 5.11. Let T : Set — )• Set be a standard, weak pullback preserving functor, and 
let X = {X, ^) be a T-coalgebra. The complex algebra X"*" of X is defined as the Moss algebra 
IB which has the power set algebra F{X) as its Boolean reduct, while 

defines the nabla operation of X"*". <1 

In words: the Boolean function symbols V and /\ are interpreted as the comple- 
mentation, union and intersection operations on the power set of X. To understand the 
definition of the nabla operation, observe that applying the contravariant power set functor 
to the coalgebra map ^, we obtain a function : PTX — ?• PX, so if we compose this map 
with the T-transformation : TPX — )■ PTX, we obtain a map P^og.: TPX PX of 
the right shape. 

It follows by Proposition 15 . 71 that every formula a can uniquely be assigned a meaning 
mng^+{a) G PX in the complex algebra of a T-coalgebra X — in the sequel we will write 
mng-^ rather than mng^+. The Proposition below states that the two approaches to the 
coalgebraic semantics of £ coincide, so that we can speak without hesitation of 'the' meaning 
of a formula in a T-coalgebra. 

Proposition 5.12. Let T : Set — Set be a standard, weak pullback preserving functor, and 
let X = {X,S^) be a T-coalgebra. Then we have 

mng^(a) = {x G X | x Ih a}, 

for every formula a & C 

Proof. The proof of this proposition proceeds by a routine formula induction. □ 

5.3. First observations. In this subsection we gather first observations on C. First we 
show that Moss' logic is adequate; that is, it cannot distinguish behaviorally equivalent 
states. 

Theorem 5.13 (Adequacy). Let T : Set Set be a standard, weak pullback preserving 
functor, and let f : X Z be a coalgebra morphism between the T-coalgebras {X,^^) and 
(Z, C) . For all formulas a ^ C and all states x & X we have 

xh^aiff f{x)\Ha. (5.2) 

We leave it as an exercise for the reader to give a direct proof of Theorem 15.131 — a 
straightforward induction will suffice, using the fact that T distributes over relation com- 
position in the case of a formula a = Va. We will give a proof based on the algebraic 
approach, involving the initiality of C (Proposition 15. 7( ). and the following result. 

Proposition 5.14. Let T : Set Set be a standard, weak pullback preserving functor, and 
let f : X Z be a coalgebra morphism between the T-coalgebras X = (X, ^) and Z = {Z,Q. 
Then Pf is an algebraic homomorphism from TL^ to X+. 
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Proof. It is well-known that Pf is a homomorphism from the power set algebra ¥{Z) to 
P(X). Thus it is left to show that Pf also is a homomorphism with respect to the nabla 
operators. For that purpose, consider the following diagram: 

TPZ PTZ — ^ PZ 



TPf 



PTf 



Pf 



TPX ^ PTX PX 

The left rectangle commutes since A"^ is a distributive law of T over P (see Proposition 13. 16| ) . 
and the right rectangle commutes by functoriality of P and the assumption that / is a 
coalgebra morphism. As a corollary, the outer diagram commutes, but by definition of V^^ 
and V^^ this just means that Pf is a homomorphism for V. □ 

On the basis of the previous proposition, the proof of the Theorem is almost immediate. 
Proof of Theorem 15.131 By initiality of £ as a Moss algebra, mngx is the unique ho- 
momorphism mng^ : C But it follows from Proposition 15. 141 that Pf o mng^ is also 
a homomorphism from C to X^, so that we may conclude that 

= Pf ° mng^. (5.3) 

Now let X and a be as in the statement of the theorem, then we have 

X hx a iff X G mng^{a) (Proposition I5.12| 

iff X G Pf{mng^{a)) dO]) 

iff fx G mngj^{a) (definition of Pf) 

iff /x Ihz a (Proposition 15.12]) 

From this the theorem is immediate. □ 



5.4. Logic. The purpose of this paper is to provide a sound and complete axiomatization of 
the set of coalgebraically valid formulas in this language, that is, the set of >C-formulas that 
are true in every state of every coalgebra. Since our completeness proof will be algebraic in 
nature, for our purposes it will be convenient to formulate our results in terms of equations, 
or rather, inequalities. 

Definition 5.15. An inequality is an expression of the form a ^ b, where a and b are 
formulas in C. Similarly, an equation is an expression of the form a ^ b. < 

One may think of the inequality a ^ 6 as abbreviating the equation a A 6 ~ a, and we 
will see the equation a b as representing the set {a ^ 6, 6 ^ a} of inequations. (In fact, 
in our Boolean setting, we could even represent the equation a ~ 6 by the single inequality 
(a A -i6) V (-ifl A 6) ^ _L.) Thus it does not really matter whether we base our logic on 
equations or on inequalities, and in the sequel we will move from one perspective to the 
other if we deem it useful. 



Definition 5.16. An inequality a =4 b holds in a Moss algebra A, notation: A ^ a ^ 6, if 

mngj^{a) <a mngp^{b). <\ 
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Given the Boolean basis of our logics, we can express coalgebraic validity in terms of 
equational validity, and vice versa. More precisely, given a T-coalgebra X = (X, ^), it is 
easy to see that 

X Ih a X+ ^ T ^ a 

and, conversely, 

X+ ^ a ^ 6 X Ih ^aVb. 

As a consequence, in order to axiomatize the coalgebraically valid formulas, we may just as 
well find a derivation system for the inequalities that are valid in all complex algebras. 

Definition 5.17. An inequality a =4 b is (T -coalgebraically) valid, notation: a \=t b, if it 
holds in every complex algebra X"*". <1 

As an example of a validity, we mention the following, for an arbitrary <I> € T^P^C: 

V{T\J)^ 4\l {^P\PTe^'^ (V3/) 

(see Remark 15.31 for an explanation of the syntax). Note that the right hand side of (V3/) 
is a well-defined formula only if the disjunction is finite; we can guarantee this by requiring 
T to map finite sets to finite sets. (We will come back to this issue in the next section.) 

Proposition 5.18. IfT is a weak pullback preserving, standard set functor that maps finite 
sets to finite sets, then the formula (V3j-) is valid for every $ G T^^Pi^C. 

Proof. In order to understand the validity of (V3j), fix some T-coalgebra X = (X, ^). 

First observe that for any ip C we have X, a; Ih \/ 99 iff X, x Ih a, for some a (z (p. 
Putting it differently, the relations Ih ; € and Ih ; \/" coincide. From this it follows that 

T(lh ; G) = r(lh ; Vl- (5.4) 

Now fix some object ^ G T^P^C, and suppose that x is a state in X such that x Ih V(T V)*^- 
From this it follows that the pair (^(x), (T \/)(<I>)) belongs to the relation T Ih, and so 
(^(x),$) belongs _to (Tlh) ; {T\IY = r(lh ; V"). But then by ([53]), we find (^(x),«>) G 
T(lh ; g) = Tlh ; Tg. In other words, there is some object /3 such that £,{x) Tlh j3 and 
j3 Tg Clearly then x Ih V/3, and so we have x Ih \J P \ /3 Tg as required. □ 



6. The derivation system 



6.1. Introduction. In this section we introduce our derivation system M for the finitary 
version of Moss' logic, as given in the previous section. First we fix some general notation 
and terminology concerning derivations. 

Definition 6.1. Given a derivation system D, we let each of ho a ^ b, a Cd b and b a 
denote the fact that the inequality a ^ 6 is derivable in D, and we write a =d b if both 
a Ed b and b Cd 0,. < 
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In other words, where a ^ b and a ^ b are syntactic expressions in an object language, 
the expressions a C^) b and a =d b denote statements, in the metalanguage, about the 
derivability of such expressions a =4 b and b =4 o,. In case no confusion is likely concerning 
the derivation system at hand, we will drop subscripts, simply writing a = b and a C 6. 

In principle, the derivation system that we are looking for, should have axioms and rules 
of three kinds. First of all, it will have a propositional core taking care of the Boolean basis 
of our setting. For this purpose, any sound and complete set of axioms and derivation rules 
would do; for concreteness, we propose the set given in Table [2j Recall that our language 
has V and /\ as primitive connectives. 



a ^ a 


a =4 b b =4 c 
a ^ c 


{a ^ 6 a G (/?} 
Mif^b 


a ^ b , , 


{a 6 6 G V} 


a ^ b 
— — a G (j3 


M\/^\^eX}4 VIA 7m 1 7 e Choice{X)} 


MXy^{^a})4\jY 


MXU{a})^yY 


^X4y{YVJ{a]) 


^X4yiYU{^a}) 



Table 2: Axioms and rules for classical propositional logic 



Second, our system will need some kind of congruence rule for the nabla modality. 
Since V has a rather unusual form, perhaps it is not a priori clear what such a rule would 
look like. The naive way to formulate a congruence rule for V would be as 

from a T= (3 infer Va = V/3 (6.1) 

Problem is that the premiss of ()6.ip is not itself an equation, or a set of equations. This 
problem can be remedied by invoking some properties of relation lifting. More precisely, 
note that from Proposition 13.91 we may derive the equivalence a T= (3 <^=^ a TZ /3, for 
some Z C Base{a) x Base{f3). This would lead to the following formulation of a congruence 
rule: 

{a^b\{a,b)eZ} 
Va«V/3 

The above rule is supposed to have a set of premisses: {o ~ & | {a,b) G Z}, where Z C 
Base{a) x Base{/3) is a relation such that (a,/3) G TZ — the latter condition is formulated 
as a side condition of the rule. 

As it turns out, however, we also want V to be order-preserving, and the most straight- 
forward way to formulate that would be by strengthening ()6.ip to 

from a Tc /3 infer Va C V/3. (6.2) 
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If we want to turn this into a syntactically well-formed derivation rule again, we obtain our 
first derivation rule (VI): 

{a ^ 6 I (a, b) £ Z} _ . 

^ — — (a d) G TZ (VI) 

which can be read as a congruence and monotonicity rule in one. It has the additional 
advantage of being formulated in terms of our primitive symbol, 

Example 6.2. First, consider the C-labelled binary tree functor Bq = C x Id x Id 
Example 12. 3[ Here, an application of rule (VI) looks as follows: 

{ai ^ fei,a2 ^ ^2} 
V(c, 01,02) =^ V(c, 61,62) 
where c is an arbitrary element of C. Note that no inequality of the form V(c, 01,02) ^ 
V(d, 61,62) with d can be derived using (VI) because (V(c, oi, 02), V((i, 61, 62)) ^ T{Z) 
for any relation Z. 

In the case of the power set functor P, an application of the rule (VI) looks as follows: 

{a4b\{a,b)eZ} p„ 

where a, /3 € PuiC are finite sets of formulas. It can be easily seen that the premiss of the 
rule can be satisfied iff for all a G a there is a 6 G /? such that 0^6, and vice versa. 

In addition, any complete derivation system for Moss' language will need some inter- 
action principles describing the interaction between the nabla modality and the Boolean 
connectives. As we will see, the interaction principles between V and the Boolean connec- 
tives V and /\ will take the form of two distributive laws (in the logical meaning of the 
word). We postpone discussing the role of negation in our system until subsection 16.51 ^-^d 
before giving the general formulation of the laws for /\ and V; first discuss a simple, 
special, case. 



6.2. Functors restricting to finite sets. For a gentle introduction of our derivation 
system we first consider the special case where the functor restricts to finite sets. 

Turning to the interaction principles, we first consider the interaction between the coal- 
gebraic modality and conjunctions. More specifically, the purpose of axiom (V2) will be 
to rewrite a conjunction of nabla formulas as an equivalent 'disjunction of nablas of con- 
junctions', and we think of this axiom as a distributive law (in the logical sense). Formally, 
recall from Definition 13.181 that given a finite set A G PajT^^C, the set SRD{A) C T^P^C 
denotes the set of slim redistributions of A. Also recall that given an object $ G T^P^C, 
we find (T/\)<I> G T^C^ which means that V(T/\)<I> is a well-formed formula. We can now 
formulate the axiom (V2) as the following inequality: 

l\ {Va I a G ^} ^ \/ {v(rA)$ | $ G SRD{A)^ (V2/) 

Example 6.3. First consider the case of the C-labelled binary tree functor Be of Exam- 
ple 12.31 In Example 13.191 we discussed the shape of the collection of slim redistributions 
of a collection A Ti^C. From this it should be clear that we obtain the following three 
instances of (V2j). 
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(1) li A = 0, we obtain 

T^\/{V(c,T,T) \ ceC} 

(2) If A contains two elements (c, ai, 02) and (c', a'^, ag) with c 7^ c', then we obtain 

/\{Va I a G ^} ^ ±. 

(3) If 7r(7[A] contains a unique element ca, then we obtain 

/\{Va I a G ^} ^ V(CA, vri [A], vra [A]) 

where ttc, tti and 7r2 are the projection functions, as in Example 13.191 and where we 

used the optimization outlined in Remark 13.201 
Second, in the case of the power set functor in Example 13. 2H T = P, an instance of (V2j) 
looks as follows 

f\Va4\/ { V{A/3 I /3 G I = and a n ^ ^ for all a G ^, /3 G (6.3) 

Remark 6.4. In fact, we could have formulated this principle as an equation rather than 
as an inequality, since the opposite inequality of (V2j) can be derived on the basis of (VI). 
To see this, observe that for any formula a G /3 and any set ip G it holds that a ^ ip 
implies that a ^ /\ip. Reformulating this as (G;/\) C □, and using the properties of 
relation lifting we find that TG;T/\ C T^. From this it follows that, whenever a G Ti^C is 
a lifted member of <I> G T^P^C, we find that (T/\)<I>T(!Z)q. From this, one application of 
(VI) yields the existence of a derivation for the inequality V(T/\)<I> ^ Va. Since this holds 
for any a and $ with aTG<I>, we may conclude that 

V {^(^A)^ I ^ e SRD{A)^ □ l\ |va I a G 

That is, the opposite inequality of iy^f) is indeed derivable. 

Our second interaction principle, (V3), involves the interaction between V and the 
disjunction operation. And again, we think of this axiom as a distributive law (in the 
logical sense), stating that the coalgebraic modality distributes over disjunctions. More 
precisely, the rule reads as follows: 

v(rv)$ ^ V {^/^ I mG)^'} (V3/) 

Example 6.5. In the case of the functor Be = C x Id x Id, axiom (V3j) is of the following 
shape: 

V(c, V^, V^) =^ V{^(^' a,b)\aeA,be B}. 
For the power set functor P, an instance of axiom (V3/) looks as follows 

V{V/3 I /3 G ^ V^'^" I a C y$ and a n /? / for ah /? G $ }. 

Remark 6.6. In this case the opposite inequality can be derived on the basis of (VI) as 
well. Here we use the fact that a G (/9 implies a Q \/ if, or in other words, that G; V ^ !=• 
This implies that T^;T\J C TC, and hence, whenever /3 is a lifted member of we find 
that j3T^{T\J)^. Thus an application of (VI) shows the derivability of the inequality 
V/3 ^ V{T\I)(^. And since this applies to every lifted member of we may conclude that 

\/{v/3|/3r(G)«>} □v(rv)i>, 
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meaning that, indeed, the opposite inequahty of (V3/) is derivable. 

Summarizing, in the case of a set functor T that preserves finite sets, our deriva- 
tion system Mj extends that of classical proposition logic (Table [2]) with one congru- 
ence/monotonicity rule, and two axioms that take the form of distributive laws, see Ta- 
ble [3l The point of restricting to this case is to ensure that the axioms (V2j) and (V3j) 
are well- formed pieces of syntax, in the sense that the disjunctions on the right hand side 
are finite. 

Remark 6.7. The requirement on the given set functor T to preserve finite sets is obviously 
sufficient in order to ensure that the axioms (V2j-) and (V3/) are well-formed. Note, 
however, that there are set functors that do not restrict to finite sets and for which the 
axioms (V2j) and (V3/) are nevertheless syntactically well-formed. 

Consider for example the bag functor Bf^ from Example 12. 2[ In order to show that 
(V2j) and (V3/) are well-formed we have to prove that the sets 

{$ G B^P^X I $ G SRD{A)} for A G P^B^X and (6.4) 

{/3 G B^X I /3(5j G)«>} for $ G B^P^X (6.5) 

are finite. Using the characterisation of the relation lifting for B^ in Example 13.21 this is 
not diffcult to see: Let us consider first the set in ()6.4p . ie., we consider some A G P^B^X 
and we want to prove that the set G B^P^X \ ^> G SRD{A)} is finite. If $ G SRD{A) 
then by the definition of slim redistributions we have (a,$) G {B^^ g) for all a G ^ and 
G B^^P^^i\]^,^J^Base[a')). Therefore, using Proposition 13.91 we get that 



(a, $) G B^ [(^\ Base{a)xP^{U^, eABa.se{a')) j ^r all Q G A. 

This implies, by the definition of B^^j from Example 13.21 that there exists a function 

such that for all a G ^, all x G Base{a) and all U G PujiUa'eA Base{a')) we have 
^{U)= p{x\U) and p{x,U)<a{x) 

x'<^Base(a),x'eU 

Therefore we have ^{U) < '^^qu a{x). This shows that the range of <I> has an upper bound 
an thus, as $ is determined by its values on the finite set PujiXj^/^j^ Base{a')), there can 
only finitely many $'s that satisfy the requirement of a slim redistribution for the set A. 
In a similar way one can show that the set {/3 G B^^X \ P{Bi^ ^)^} in (|6.5p is finite for all 
<I> G B^P^X. We leave the details of the argument as an exercise to the reader. 

One example for a set functor for which the finitary axioms (V2j) and (V3j) are not 
well-formed is provided by the finitary probability functor in Example | 



6.3. The derivation system M. In the case that we are dealing with an arbitrary set 
functor T (not necessarily preserving finite sets), we would like to use the same derivation 
system as given in Table El Unfortunately however, in this case the axioms (V2j) and 
(V3/) are no longer well-formed syntactic expressions, since we cannot guarantee that the 
disjunctions on the right hand sides are taken over a finite set. In order to deal with this 
problem, we use the following trick: we replace an axiom of the form 
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(VI) 


|a =^ 6 I (a, 6) G z| 


(V2^) /\{Va 




(V3/) 





Table 3: Rules and axioms of the system M (in case T preserves finite sets) 



{a ^ b \ (a,b) £ Z} ^ ^ _ 
(VI) -!— — I y ^ f —a3)eTZ 



(V2) 
(V3) 



{V(TA)(^) ^ I ^ € SRDjA)} 
l\{Va \ a£ A} 4 b 

{Va ^ 6 I a Tg 



V{T\l){^)4b 



Table 4: Rules of the system M 

with the derivation rule 

{ai ^ 6 I i € /} 



a ^b 

The price that we have to pay for this transformation is that our derivation system will be 
infinitary. 

Definition 6.8. The derivation system M is given by the axioms and derivation rules of 
Table |H together with the complete set of axioms and rules for classical propositional logic 
given in Table [2j < 

Our notions of derivation and derivability are completely standard. 

Definition 6.9. A derivation is a well-founded tree, labelled with inequalities, such that 
the leaves of the tree are labelled with axioms of M, whereas with each parent node we may 
associate a derivation rule of which the conclusion labels the parent node itself, and the 

premisses label its children. If D is a derivation of the inequality a ^ b, we write — ^ ^ or 

D : a Qb. If we want to suppress the actual derivation, we write Km a ^ 6 or (in accordance 
with Definition 16. ip a Qm b. <\ 



Note that M is not a Gentzen-style derivation system; in particular, we do not have 
left- and right introduction- and elimination rules for V. Readers who are interested to see 
a detailed development of the proof theory of nabla-style coalgebraic logic, are referred to 
Bflkova, Palmigiano & Venema [13] (for the power set case). 
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6.4. Soundness and completeness. We can now very concisely formulate the main result 
of this paper as the following soundness and completeness result: 

Theorem 6.10. Let T be a standard set functor that preserves weak pullhacks. For all 
formulas a,b & C we have 

\-Ma 4 b iff a^xb. (6.6) 

In words, Theorem 16.101 states that for any two ^-formulas a and b, the inequality 
a ^ 6 is derivable in our derivation system M iff it is valid in all T-coalgebras. Our proof 
of this result will be based on many auxiliary results, which we will discuss in the next two 
sections. The final proof will be given at the end of section [HI 



6.5. The role of negation. At this point, the reader may be surprised or even worried 
that we have formulated our derivation system for a Boolean-based coalgebraic modal logic, 
without mentioning the negation connective (or the implication, for that matter) in relation 
to the nabla modality at all. Surely there must be some validities involving both V and 
->? The point is that indeed there are such interaction principles, but we do not need to 
formulate them explicitly as axioms or derivation rules since they are already derivable in 
the system M. The intuition underlying this fact is that in a bounded distributive lattice, 
all existing complementations are completely determined by the lattice operations: the 
complement -la of an element a, if existing, is the unique element b such that a A 6 = _L and 
a V 5 = T. 

Nevertheless, the key principle relating V to will be needed in our proofs below, and 
so we discuss it in some detail. For a smooth formulation we need the following definition. 

Definition 6.11. Given an element a £ T^^C, let Q{a) C T^^C be the set defined by 

Q{a) := |r(AoP^)^' I ^' € T^P^Base{a) and (a, ^') ^T^}. < 

To unravel this definition, observe that P-i : PojC — >• Pi^jC^ and so we have /\ oP-i : P^C — )■ C 
Thus we find that for m G T^P^Base{a) C T^P^C we have {T{/\ oP^))m g T^C indeed. 

In case T preserves finite sets, Q{a) is a finite set, and we can express the principle 
relating V and as follows: 

^Va^\l [wfi\fi(^Q{a)y (V4^) 

In other words: the negation of a nabla is equivalent to a disjunction of nablas of conjunc- 
tions of negations of the base formulas. Putting it yet differently, in the case of T preserving 
finite sets, we can define the Boolean dual A of V, just in terms of V and V- For more 
information on this dual modality A the reader is referred to Kissig & Venema |31j . 

In the general case, that is, if the functor T does not necessarily take finite sets to finite 
sets, we can express the interaction between V and in the form of a derivation rule, 

{V/3 ^ H /3 e Q(«)} /V4 ) 

-Va 4b ^ ^' 

and a collection of axioms: 

{V/3 ^ -Va I /3 G Q(a)}, (V4r) 
corresponding to the directions ^ and of (V4j), respectively. The point to make is 
that both (V4l) and (V4ij) are derivable in M. We will prove this in detail for (V4l). 
Given our completeness result, the derivability of (S/^r) is an immediate consequence of its 
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validity [H]. The actual derivation of V/3 ^ -iVq for f3 £ Q{a) is rather involved, so we 
refrain from giving the details here. 

In any case, the key instruments in the derivability of both (V4j;,) and (V4r) are the 
following two rules. 

Proposition 6.12. For any finite set ip of formulas, the following rules are M-derivable: 
T4\/ip ^Va4b\aeTip^ 



(V4a) 



(V46) 



T 4b 
Aa' 4 1 \ a ^ a' e ip^ 



a ^ a' & Tip 



Va A Va' =^ _L 

Proof. In the proof below, the following principle will be used a few times: 

Given / : 5 ^ 5', for s G S, Tf restricts to a bijection Tf : T{s} T{f{s)} (6.7) 

We first show the derivability of (V4a). Assume that we have a derivation Dj of 
T =4 y and a derivation of Va ^ 6, for each a € Tip. 

Consider an arbitrary element ^ G T{ip}. By Proposition I3.17l |2|). each lifted member 
a of <I> belongs to Tip. If we apply (V3) to the set {Da \ en T€ <!>}, we obtain a derivation 

. {Da : Va ^ 6 I a Tg 

for each $ G T{\}p\). 

Applying our principle (|6.7p to the map \/ : P^^L — > £, we find that each /? G T{{\/ ip}) 
is of the form f3 = (T for some <I>/3 G T({(^}). Thus in fact for each such f3 we have 

a derivation 

D^:V/34b 

On the other hand, we may continue the derivation Dj as follows. Consider the bijection 
/ : {T} — {V v}) which induces a bijection Tf : T{T} T{\/ ip}. Clearly we find that 
/ C {!^}, so that Tf C TC. From this it follows that we may apply the rule (VI) to the 
inequality T =4 \/ V and obtain, for each 7 G T{T}, the derivation 

VI' 



V7 ^ v(r/)7 

Combining the observations until now, we obtain the following derivation D^ for each 
7 G r{T}: 

D,: VI ^^'^'^ ""^^^^^ 



^ V7^v(r/)7 v(r/)7^b 
vTTb 

Since (T/\)(^) G r{T} for each ^ G T{0}, this means that above we have obtained a 
derivation 

D^ : v(rA)(^) ^ b 

for each ^ G T{0}. 
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Finally, consider the instantiation of (V2) with A = 0. By Proposition 13.231 we have 
SRD{0) = T{0}, so that the set {V{T /\){^) 4 b \ e T{0}} is exactly the set of premises 
of this instantiation of (V2). Hence we may simply take the set of all derivations Vx^,, with 
^ G T{0}, and continue as follows: 

{Pvp I ^ G T{0}\ 

This finishes the proof of the derivability of (V4a). 

In the case of (V46) we will proceed a bit faster, leaving the details as to why our 
argumentation yields derivability rather than admissibility, as an exercise for the reader. 
Let (f he a finite set of formulas such that a A a' = _L for all distinct a, a' G and let a 
and a' be two distinct elements of Tip. We will derive the inequality Va A Va' =^ _L. By 
(V2) it suffices to show that 

V(TA)(<J>) =^ ±, 
where $ is an arbitrary slim redistribution of the set {a, a'}. 

But if ^> G SRD{{a,a'}), and both a and a' belong to Tip, then first of all we have 
Base{^) C Pip, because $ G T^P^{Base{a) U Base{a')) by the definition of a slim redistri- 
bution and thus Sase($) C P[Base{a) U Base{a')) C Pip. In addition, it follows by Propo- 
sition [XTTl^l) that i?ase($), and then by Proposition I3.17"l |3]l that Base{^) contains 

some set ^ ^ ip with \tp\ > 1. Define the following function d : Base{^) — ?> P{p>) U |{^}|- 

r if Ixl > 1 
d{x) ■= { X if Ixl = 1 
[ {T} if 1x1 = 

On the basis of our set of premises {a A a' ^ J- \ a ^ a' £ Tip}, for each x G Base{^) C Pip 
we can find a derivation for the inequality A X ^ V d{x)- Putting these derivations together, 
and applying (VI) with Z = {{/\ x, V dix)) I X S Base{^)}, we obtain a derivation P$ for 
the inequality V(TA)(^) ^ WiT\/){Td{<^>)). 

We also claim that we can derive the inequality W{T\/){Td{^)) ^ _L. Since Base : 
T^ — 7> is a natural transformation, we have that Base{Td{^)) = {Pd){Base{^)) = 
d[Base{^)]. Now recall that above we found a ip (z Base{^) with {ipl > 1; it follows that 
= d{'ip) G Base(Td{^)), so that on the basis of Proposition 13.17( 1) we may conclude that 
Td{^) has no lifted members. But then one single application of (V3), with the empty set 
of premisses, provides the desired derivation for \/(T\/){Td{^)) ^ ±. 

Finally then, an application of the cut rule gives V{T /\){^) =4 ±, as required. □ 

As a corollary to this we can now prove the derivability of (V4i). 
Proposition 6.13. The rule (V4i) is derivable in M. 

Proof. Let a G T^^C and 6 G £ be arbitrary, and assume that for all /3 G Q{a) we have 
V/3 C b. We will show that ^Va C b. 

Consider the map t : P^Base[a) — )• £ given by 

t:ip^ l\{a G Base{a) \ a ^ ip} A /\{^b \ b eip}. 

Then for all tl^ C Base{a) it is straightforward to verify that (i) t{tl') Q {/\oP^)il;, and (ii) 
if a ^ then t{ip) C a. 
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Define (p to be the range of t. Intuitively, think of ip as the set of atoms of a Boolean 
algebra; then it is not hard to see that 

TC\/^- (6.8) 

We claim that 

for all 7 G Tc^ : V7 C 6 V Va. (6.9) 
For the proof of (j6.9p . take an arbitrary 7 G Tip. By definition of (/?, the map Tt is surjective 
when seen as Tt : T^PuiBase{a) T^ip, and so we may fix an element ^' G T^P^Base{a) 
such that 7 = {Tt)^ . Now distinguish cases. 

First assume that {a,^) T^. It follows from (i) that 7 = {Tt)^ TQ {T{/\oP^))'$ , 
and so an application of (VI) shows that V7 1^ V(T(/\ oP-i))\['. Now by assumption we 
have (T{/\ oP-i))'!' g Q{a), and so there is a derivation of the inequality V(T{/\ oP-i))^' ^ 
6. Then an application of the cut rule shows that V7 1^ b. 

If, on the other hand, the pair (a, ^) does belong to the relation T^, then by (ii) we 
obtain that 7 = (Tt)^ TQa. Now an application of (VI) yields a derivation for V7 ^ Va. 

In either simple propositional continuation of the derivation shows that V7 C 

6 V Va, which proves (|6.9p . 

Finally, applying the derived rule (V4a) to the premisses given by (|6.8p and (j6.9p . 
we obtain a derivation of the inequality T ^ 6 V Va. But from this it follows by some 
straightforward classical propositional manipulations that -iVa C b, as required. □ 



7. One-step soundness and completeness 

As mentioned in the introduction, our completeness proof is based on Pattinson's stratifi- 
cation method [l3] , which consists of stratifying the logic in oj many layers which are nicely 
glued together by means of a so-called one-step version of the derivation system. The main 
technical hurdle in this method consists of showing that this one-step derivation system is 
sound and complete with respect to a natural one-step semantics. In this section we will 
first properly introduce our version of these notions, and then prove the one-step soundness 
and completeness result. 

7.1. One-step semantics and one-step axiomatics. Starting with the one-step seman- 
tics, fix a set X and think of PX as a set of formal objects or propositions. Recall from 
Section [5] that CqPX and CiPX are the sets of formulas of depth zero and depth one over 
this language, respectively. The point underlying the one-step semantics is that there is a 
natural interpretation of the formulas in CiPX as sets of elements of TX, or, expressed 
more accurately, as elements of the Boolean algebra PTX. To explain this, first note that 
we may see the identity map 

l:PX^PX 

as a natural valuation interpreting variables of PX as subsets of X, and then extend this 
valuation to a unique homomorphism 

|.]^ :=7: WPX FX. 
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We find it convenient to denote U l : CqPX — )• PX by the same symbol [-Jq- and also to 

1^ 



occasionally drop the superscript . We may associate a relation IHv-C X x CqPX with 



this map, which we define inductively by putting 

X Ihjf p if X G p, where p € PX, 
X Ihj^ y (f if X Ih^f a for some a ^ if, 
X Ih^ /\ip if X Ih^ a for all a (z (p. 

Clearly the relation between |-]o and Ih^ is given by 

X £ [a]o iff X Ih^ a, 

for all X € X and all a £ CqPX. 

We note for future reference that [-Jo gives rise to a natural transformation. 

Proposition 7.1. The family of homomorphisms {|-]o'}xGSet is a natural transformation 
¥P P and, therefore, also a natural transformation [-Jo : ^qP P- 

Proof. Naturality of [-lo is a matter of routine checking. The key for the proof is that for 
any function f : X , Pf : PY PX is a Boolean homomorphism. □ 

Turning our attention to depth-one formulas, perhaps the easiest way to explain their 
one-step semantics is to introduce a similar relation Ih^ C TX x CiPX: 

TX,i\V\Va if {i,a)£T{h\), 

TX, i\V\\J^ if TX, e Ih^ c for some c G 

TX, }\ip if TX, ^ Ih^ c for all c G 99. 

Remark 7.2. It is instructive to have a look at the relationship between the one-step 
semantics of depth-one formulas and the coalgebraic semantics for arbitrary formulas from 
Definition 15.91 Roughly, the definition of the one-step semantics of a formula captures 
precisely what is needed to inductively define the semantics of the logic. 

More precisely, let {X,S,) be some T-coalgebra and let, for i < w, mng^ : Ci — > PX be 
the map, that maps any formula a £ Ci of modal rank i to its coalgebraic meaning, that is, 
for all a £ Ci and all x € X we let x G mngj(a) if x Ih a. Now we claim that for any k < lv 
and any Va G Ck+i we have 

xlhxVa iff rX,^(x) Ih^ V(rmngfc)a. (7.1) 

To see this, first observe that by induction on the Boolean structure of /I^-formulas, we 
may show that for any a £ C^ and any x G X, we have x Ihx a iff x Ih^^ mng^{a). In other 
words, we have 

(l^x) rxx£, = ; ^rig^\ (7.2) 
Based on this, we may reason as follows: 

X Ihx Va <^=^ ^(x)Tlhxa (definition of I h) 

^ ^(x) T((lhx) rxx£, ) a 

<;=^ ^(x) T\[-\ ; mngj^ a (equation (17. 2p ) 

<;=^ ^(x) T\\-\ {Tmngf^)a (properties of relation lifting) 

^ TX,Cix) '^{Tmngk)a. (definition of Ih^) 
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In words: if we assume that we have already defined the interpretation of all formulas of 
modal rank k then the one-step semantics allows us to extend this interpretation to formulas 
of rank k + 1. 

The relation Ih^ provides a natural semantics for terms of depth one, and induces a 
natural semantic equivalence relation. 

Definition 7.3. Given a set X, we define the one-step semantics |a'Ji of a formula a' € 
Ci{PX) as 

la'li ■.= {i&TX\TX,i\V\ a'}. 

We say that two formulas a', 6' € Ci{PX) are semantically one-step equivalent, notation: 
a'=,e™6', if Ia'li = I6'li. < 

Remark 7.4. Alternatively but equivalently, we can define the as follows. Apply T to 
the map [-Jo, and compose with the function A^^ to obtain 

A^ o r[-Io : T^C^PX ^ PTX. 

This map then provides us with an interpretation of the basic formulas in L\PX = 
CqT^ CqPX , namely the ones of the form Va G T^CqPX: 

/ix(Va) := (A3^or[.]o)(a). 

Now [-Ji may be identified with UJlx '■ CqT^ CqPX — )• PTX. Occasionally, we will write 
also for the Boole-morphism fix : VT^ CqPX PTX. 

To match the semantic notions of equivalence between >CiPX-formulas, we introduce 
a one-step version of the derivation system M, associated with the presentation CPX of 
the power set Boolean algebra PX. Formal definitions will be given below, but the basic 
idea is straightforward: modify M by (i) restricting attention to the depth-0 and depth-1 
formulas over the set PX of (formal) variables, and (ii) adding the 'true facts about PX' as 
additional axioms. The resulting derivation system naturally induces an interderivability 
relation on £iPX-formulas that we shall denote as =mc¥X for reasons that we will clarify in 
Remark 17.71 further on. This then raises the question whether the two equivalence relations 
are the same or not, and the main aim of this section is to provide an affirmative answer to 
this question. 

Theorem 7.5 (1-step soundness and completeness). For any set X, and for any pair of 
formulas c,d ^ CiPX we have 

C =sem d iff C =MCPX d- (7.3) 

Our proof of this result will be algebraic, and before we can move to the details of the 
proof, we need to set up the appropriate framework for this. 

We now define the one-step derivation system M(G; R) associated with a presentation 
{G;R). Recall that CqG and £iG = CqT^ Cq{G) are the set of depth zero and depth one 
formulas in G, respectively. In this section if we want to stress the difference between the 
two kinds of formulas, we shall use a,b, . . . for formulas in jC.q{G), and c,d,... for formulas 
in Ci{G). An £oG- inequality is an inequality of the form a ^ b, with a,b G CqG; and 
likewise for CiG. Intuitively, we obtain 'M.{G;R) from M by restricting attention to CqG- 
and >CiG-inequalities, and adding the (in) equalities of R as additional axioms. 
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Definition 7.6. Given a presentation {G; R), we let M(G; R) denote the one-step derivation 
system associated with {G;R). The language of M.{G;R) consists of /^oC-inequalities, and 
£iG- inequalities, and its axioms and rules are those of M, together with the set 

R^ := {a 4 b,b 4 a \ (a, b) G R}. 

A M(G; R) -derivation is a well-founded tree, labelled with CqG- and >CiG-inequalities, such 
that (i) the leaves of the tree are labelled with axioms of M or with inequalities in R^, (ii) 
with each parent node we may associate a derivation rule of which the conclusion labels the 
parent node itself, and the premisses label its children. <l 

We will leave it for the reader to verify that in M(G; i?)-derivations, a parent node is 
generally labelled with the same type of inequality (i.e. CqG versus CiG) as its children; 
the single exception is the rule (VI) which links /^o-inequalities of the premises to an Ci- 
inequality in the conclusion. As a corollary, M(G; i?)-derivation trees can be divided into 
a (possibly empty) upper £oG-part and a (possibly empty) lower >CiG-part. 

Remark 7.7. We can now clarify the syntactic interderivability notion of our one-step 
soundness and completeness theorem. Given a set X, recall that C¥X is the canonical 
presentation of the Boolean algebra ¥X, and observe that =]yi(7px is the associated relation 
of derivable equivalence of CiPX-terms in the one-step derivation system MCFX. It is 
this derivation system that Theorem 17.51 stating that the semantic equivalence relation is 
the same as the relation =i^Qpx^ concerned with. 

Remark 7.8. Definition 17.61 corrects and clarifies the corresponding definition in this pa- 
per's earlier incarnation, where the one-step proof system 'M.{G;R) was not properly spec- 
ified. In particular, the sentence in \3A\ Definition 22], 'in which only elements of X and 
2{X) may be used' (where X denotes the set of generators) was not only rather vague, but 
in fact mistaken: it would not permit nontrivial applications of the derivation rules (V2) 
and (V3), since these require the use of more terms in Co{X) than only the generators in 
X themselves. 



7.2. The functor M on presentations. As we will see now, the notion of a one-step 
derivation system induces a functor on the category of presentations. 

Definition 7.9. Given a presentation (G; R), we let M{G; R) denote the presentation given 

as 

M{G;R) := {T^ Co{Gy=M{G:R))- 
For a presentation morphism / : {G;R) {G';R'), the definition 

M/ : Va ^ ViTj)a 

provides us with a map Mf : Cq{G) Cq{G'). < 

In other words, M f maps generators of the presentation M{G; R) to generators of the 
presentation M{G';R'). We will now show that Mf is in fact a presentation morphism 
from M{G;R) to M{G';R'). 

Remark 7.10. To be more precise, we need to compose Mf with the unit ^t^£o(G') of the 
monad Cq, instantiated at Cq{G'), in order to obtain a map with the right codomain, 
CqT^Co{G'). In the sequel we will suppress this sublety. 
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Our key tool in the proof that Mf is a presentation morphism, consists of a natural 
way to transform M(G; ii)-derivations into M(G'; -R')-proofs. 

Proposition 7.11. // / : {G;R) {G';R') is a presentation morphism, then there is a 
map (•)'^ transforming ^{G; R) -derivations into ^{G'; R') -derivations such that 

V:c4d =^ : Mfc =4 MJd. 
for every CiG -inequality c =4 d. 

Proof. As an easy auxiliary result we need that for any two terms a,b (z CqG, 

a !=M(G;R) b a Qr b, (7.4) 

where a Qr b means that a a A b. From (j7.4p and the fact that / is a presentation 
morphism it is easy to derive that 

o EM(G;i?,> b only if fa Em(G';R') fb- (7.5) 
We now turn to the proof of the Proposition proper, which will be based on a straight- 
forward induction on the complexity oi V : c ^ d, where c and d are >Ci-formulas. We make 
a case distinction as to the last rule applied in V. 

First assume that the last applied rule in T> was (VI). That is, the formulas c and d 
inV-.c^d are of the form c = Va and d = V/?, for some a and /3 in T^CqG, respectively, 
and we may assume that V is of the following form: 

^ . {Vgf, :a4b\{a,b) £ Z} 
Va 4 V/3 

Here Z C Base{a) x Base{(3) is some set with (a,/3) G TZ, and such that for every pair 
(a, b) € Z, there is a depth zero derivation Vab ■ a ^ b. 

Define Z' := {{fa,fb) \ {a,b) G Z}, or, equivalently, Z' := {fy;Z;f. Then it follows 
from (17. 5 p that for each (a', b') G Z', there is a derivation T>^,f^, : a' =4 b' . Using the properties 
of relation lifting we find that TZ' = (Tf )"; TZ; Tf, and from this it is immediate that 
(Tfa, TfP) G TZ'. Combining these observations, we may transform the derivation T> into 

^ {Va>b' a' b' I {a',b')eZ'} 
VTfa ^ Vr//3 

But then we are done, since Mf{S/a) = \7Tfa, and likewise for f3. 

Second, suppose that the last applied rule in V was (V2). That is, V ends with 
^ . {V^: V(TA)^ 4d\^(£ SRDjA)} 
/\{Va \ a e A} ^ d 

We are to transform T> into a derivation T>-f of the inequality /\{Va' | a' G A'} ^ Mfd, 
where A' := {Tfa \ a G A}. Working towards an application of (V2), we claim that 

SRD{A') C G [ IJ Base{Tfa) j | 3$ G SRD{A) such that TPj{f^) = (7.6) 

To see why this is so, consider an arbitrary slim redistribution of A' . First observe that 
J[Base[A]] = |J {Pj){Base{a)) = |J Base{{Tf)a) = Base[A'], (7.7) 
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where the second identity is by the fact that Base : T^^ ^ P^j is a natural transformation 
(cf. Fact 12.1^ . If we restrict / to the set 5ase[A], by (j7.7p we obtain a surjective map 

g : Base[A] Base[A']. 
From the surjectiveness of g it fohows that (Pg) o (Pg) = idpBase[A']i and so we also find 
that [TPg) o (TPg) = ic^Tj^pBasefyl']- Hence if we define 

$ := (TPg)^', 

we see that ^' = TPg{^) = TPf{^). Therefore, using £;Pf C /; E, it is easy to see that 
a(T g)$ implies Tfa{T g)<I>' for all a E T^CqG. Thus, in order to prove ()7.6p it suffices 
to prove that <^ is a slim redistribution of A. To see why this is the case, first observe that 
by definition of g we have that TPg : T^^PBaselA'] — )• T^PBase[A\, and so we find that 
^ € T^^PBase[A\. It is left to prove that every element of ^ is a lifted member of 

Take an arbitrary element a (z A, then Tg{a) G A' by definition of A' and g, and so 
Tg{a) is a lifted member of by the assumption that G SRD(A'). This means that 
(a,$) G {Tg);{Te);{TPg). The key observation now is that {Tg); (Te); (TPg) C Tg, 
which is immediate from g; G; {Pg) ^ G by the properties of relation lifting. Applying this 
key observation we find that (a, <I>) G Tg as required. This finishes the proof of (j7.6p . 

Returning to the construction of our derivation , consider an arbitrary slim re- 
distribution of A', which by (j7.6p we may assume to be of the form (TPf)^ with 
^ G SRD{A). Applying the inductive hypothesis to the derivation P$ we obtain a proof 
Vl : MfV{Tf\){^) 4 Mfd. However, from / o /\ = /\ o{Pf) we obtain that 

M/V(rA)('3>) = V(T/)(TA)(1>) = V{Tf\){TPfm = V{Tf\)^'. 
In other words, for any G SRD{A') there is a derivation of the inequality V(T/\)$' ^ 
Mfq. Putting all these derivations together, one application of (V2) gives the desired 
derivation 

: (M/)(^/\{Va | a G ^ Mfd. 

Now suppose that the last applied rule in V was (V3). In this case P has the following 
shape: 

^. {Va:Va4q\aT{e)<i>} 
In order to see which inequality we need to derive, we first compute 

M/(v(rV)<i>) = v(T/)(rV)<i> = v(rV)(rp/)$, 

where the latter identity follows from the fact that / o V = V °Pf- We are looking for a 
derivation of the inequality V(T\/)(TP/)<I> ^ Mfd. Since we want to apply the rule (V3), 
we first compute the set of lifted members of (TP/)$. But since G; {Pf )"=/"; G, applying 
relation lifting we obtain T G; {TPf )" = (Tf Tg. This immediately shows that 

(a', (TP/)$) G Tg iflF a' = Tfa for some aTG$. 

By the induction hypothesis, for each aTG^" we have a derivation Va ■ VT fa ^ Mfd. In 
other words, for every lifted member a' of (TPf)^, there is a derivation D^/ : Va' ^ Mfd. 
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But then by one application of (V3) we are done: 

_ {Va> :Va' 4q\ aT(g)(rP/)<D} 

M/(V(rV)$) ^ Mfd 
Finally, the cases where the last applied rule in V was a prepositional one, are left as 
exercises to the reader. □ 

Given Proposition 17.111 it is not difficult to prove that Af is a functor. 

Theorem 7.12. M : Pres — )• Pres is a functor. In addition, M maps pre-isomorphisms to 
pre-isomorphisms. 

Proof. Since it is not difficult to verify that M preserves identity arrows and distributes over 
composition, we confine our attention to the proof that M maps presentation morphisms 
to presentation morphisms. 

Let / : {G; R) {G';R') be a presentation morphism, and let c,d€ Cq{T^ CqG) = 
CiG be such that c =m.{G;R) t^^sA, is, there are M(G; i?)-derivations Vi : c ^ d and 

T>2 '■ d ^ c. Proposition 17. 1 11 provides us with M(G'; i?')-derivations T>{ : Mfc =4 Mfd and 

• Mfd =4 Mfc. This means that we have Mfc =m{G';B') Mfd, as is required for Mf 
to be a presentation morphism. 

In order to prove that M maps pre-isomorphisms to pre-isomorphisms, a routine proof 
will show that M preserves pre-inverses. □ 



7.3. The functor M and its algebras. Given the intimate relation between Boolean 
algebras and their presentations, it should come as no suprise that the presentation functor 
M naturally induces a functor on the category of Boolean algebras. 

Definition 7.13. The functor M : BA ^ BA is defined as M := S o M oC. <\ 

To explain this functor in words, first consider the objects. Given a Boolean algebra A 
with carrier A := UA, the elements of MA are the equivalence classes of the form [aJmcA; 
where a G £1 A is a depth-one term over the carrier of A, and the equivalence relation =mca 
is the interderivability relation in the one-step derivation system MCA which takes, as its 
additional axioms, the diagram Aa of A (listing the 'true facts' about A). Summarizing, 
we find that 

C/MA = CiA/=^cK- 

In order to explain the action of M on a homomorphism / : A — > A', the upshot of 
Theorem 17. 121 is that the map 

M/ : Mmca ^ [CiUf{a)UcK', (7.8) 
correctly defines a homomorphism M/ : MA — )• MA'. Here Ci is given in Definition 15.81 
and the observation ()7.8p is a direct consequence of the definitions and of the following 
proposition. 

Proposition 7.14. Let f : {G;R) {G';R') be a presentation morphism. If f maps 
generators to generators (in the sense that f[G] C G' ), then 



Mf = Cif. 
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Proof. Suppose that / : {G;R) {G';R') maps generators to generators, then it is imme- 
diate that / = Cof. From this it fohows that Mf = f = T^Cof, and since Mf also 
maps generators to generators, we find that Mf = CqM f = CqT^ C^f = Cif. □ 

For future reference we mention the following. 

Definition 7.15. Given algebra B, we shall denote with : Ci{UM) — > MB the map 

that is, = "ilMCB is the quotient map sending a formula b to its equivalence class under 

=MCM- < 

Proposition 7.16. The family of homomorphisms p^, with B ranging over the class of 
Boolean algebras, provides a natural transformation p : CiU ^ M. 

Proof. Let / : B — )■ B' be some Boolean homomorphism. In order to prove that p is a 
natural transformation, we need to show that the diagram below commutes: 



CiUM MB (7.9) 



/ 



CiUf 



CiUM' — 



This follows from a straightforward unfolding of the definitions: For any b G CiUM we have 

{Mf o pb)(6) = M/([6]mcb) = [CiUf{b)]MCM' = PM'{CiUf{b)) = {pw o CiUf){b). 

Here the second step is by (|7.8|) above. □ 

It turns out that M has some nice properties that will be of use later on. In particular, 
we may show that M is finitary and preserves embeddings. Intuitively, being finitary means 
proof-theoretically, that for any Boolean algebra A, a derivation of I~m(a) cli ^ 0,2 can be 
carried out in a finite subalgebra of A. (Note that this is not obvious since we may be dealing 
with an infinitary proof system.) Formally, we need the following definition, referring to [6] 
for more details. Recall that a partial order is directed if any finite set of elements has an 
upper bound. 

Definition 7.17. Given a category C, a directed diagram over C is a diagram which is 
indexed by a directed partial order. An endofunctor on C is finitary if it preserves colimits 
of directed diagrams. < 

In case of an endofunctor on Set this definition is equivalent to the one of Section [2j 

Example 7.18. Given a Boolean algebra B, let (^^^(B), C) be the set of finite subalgebras 
of B, ordered by inclusion. We can turn this poset into a diagram by supplying, for 
each pair of finite subalgebras B' and B" such that B' C B", the (unique) inclusion /-b'B"- 
Since the variety BA is locally finite., which means that every finitely generated Boolean 
algebra is finite, one may easily see that every Boolean algebra B is the directed colimit of 
its associated diagram 5b. 

In fact, it is a routine exercise to verify that for an endofunctor on the category on 
Boolean algebras to be finitary, it suffices to preserve the directed colimits of the subalgebra 
diagrams described in Example 17.181 
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Proposition 7.19. M is a finitary functor that preserves embedding s. 

Proof. Fix a Boolean algebra A with carrier set A := UK. Given two elements ai, 02 £ 
consider the collection of elements of A that occur as subformulas of ai and 02- It follows 
from our earlier remarks on subformulas that this is a finite set, which then generates a 
finite subalgebra A' of A. By definition we have 01,02 € CiA', where we define A' := UA'. 
We claim that 

l-MCA ai 4 02 iff l-MCA' oi 4 a2- (7-10) 
The interesting direction of ()7.10p is from left to right. The key observation here is that 
from the fact that A' is a finite subalgebra of A, we may infer the existence of a surjective 
homomorphism / : A — t- A' such that f{a') = a' for all a' G A'. (In other words. A' is a 
retract of A.) There are various ways to prove this statement; here we refer to Sikorski's 
theorem that complete Boolean algebras are injective [50]. But if / is a homomorphism, 
by Proposition 17.111 it follows from \-mca «i ^ 02 that I-mca' Mf{ai) ^ M/(a2). Since / 
restricts to the identity on A' , so does M f = Cif on CiA' . As a direct consequence we find 
that Mf{ai) = Oj, for both i = 1,2. Thus, indeed, Hmca' «i ^ «2, which proves (IT.lOp . 

It is now easy to see that M is a finitary functor. As mentioned above, it suffices to 
show that MA is a directed colimit of the image MS'a under M of the subalgebra diagram 
5a of A (see Example I7.18p . Given a finite subalgebra B of A, let ei denote the inclusion 
homomorphism, : B ^ A. We claim that 

(MA,MeB)BGSA is a colimit of MS'a. (7.11) 
Since for every pair B,B' such that B ^ B' ^ A, we have = ew ° '-bb'j it is obvious 
from the functoriality of M that (MA, MeB)BeS'A is a cocone over MS'a- To see why it is in 
fact a colimit, suppose that (B,£iB)BGSA is another cocone over MS'a, and take an arbitrary 
element of MA. By definition, this element is of the form [aJmca for some formula a CiA. 
Let, as above. A' be a finite subalgebra of A such that a G CiA', then it follows from (j7.10p 
that the following provides a well-defined homomorphism d : MA B: 

d{[a]MCA) ■= d^>{[a]MCA')- 

We leave it as an exercise for the reader to verify that d is the unique homomorphism 
d : MA B such that for all B ^ A, the following diagram commutes: 

MB — 5^ MA 




This proves (j7.1ip . and as mentioned this suffices to establish that M is finitary. 

For the second part of the Proposition, let e : A ^ B be an embedding. Without loss 
of generality we will assume that e is actually an inclusion (that is, A is a subalgebra of B). 
In order to prove that Me : MA — )• MB is also injective, it suffices to prove the following, 
for all ai, 02 G A: 

l-MCB ai 4 a2 implies Hmca oi ^02- (7.12) 
But the proof of (j7.12p simply follows from two applications of (j7.10p . □ 
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In the sequel we will be interested in algebras for the functor M. Recall that these are 
pairs of the form (A, /), where A is some Boolean algebra, and / is a homomorphism from 
MA to A. First of all, we will see that such M-algebras are Moss algebras in disguise. 

Definition 7.20. Given an M-algebra (A,/), we let V{A,f) denote the Moss algebra 

V{A,f) := (C/A,-^,V*, A^V^<^■^>). 

Here we define V^^'^--^^ : T^UA UA by recahing that T^f/A is a subset of CiUA, and 
putting 

where pA is as in Definition 17.151 In addition, given an M-morphism g : (A,/) — )• (A',/), 
we define Vg to be the morphism Vg : VA — > VA' given by 

Vg := Ug. 

That is, as a map, Vg is simply the same as g. < 

We leave it for the reader to verify that with this definition, V actually defines a functor 
transforming M-algebras into Moss algebras. 

Proposition 7.21. The operation V defines a functor 

F:AlgBA(M)^AIgs,,(^A/). 

Because M is a finitary functor we can define the initial M-algebra to be the colimit of 
the first cj steps of the initial sequence of M. 

Definition 7.22. The initial sequence 

2^^M2^^Wf2^^ ... M*^2^^M^+i2^-^i^... (7.13) 

results from starting with jo as the unique homomorphism from 2 to M2, and defining 
jk+i ■= Mjk, for all k £N. We let M'^2, with the collection of maps {ik : M'=2 M^2)k(zw, 
denote the colimit of this sequence. < 

In the following Proposition we gather some facts about these structures. 

Proposition 7.23. 

(1) For each k £ uj, the map '■ M^2 — t- M*''+^2 is an embedding, and so is the map 
ik : M'=2 M^2. 

(2) There is a uKxp jijj '. — V IV]I'^~^^2 such that the followifig diugvciTTi coTUTYiutes, for 
every k ^ u: 



M 




m'^ 


«2 










M"2 — 





(3) The map j^) has an inverse 

(4) The structure (M'^2,Q?-^) is an initial M-algebra. 

(5) For all k G uj we have that ik+i = '^'^ ° Mi^. 
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Proof. Part 1 is immediate by Proposition 17.191 and basic category theory. Part 2 follows 
from being a colimit of the initial sequence (j7.13p . The inverse of joj, mentioned in 

part 3, exists by the facts that the initial sequence is a chain, and hence directed, and that 
T preserves directed colimits. 

For part 4, consider an arbitrary M-algebra A < " MA , and define the co-cone 
(A,Qfc : M''2 A) as follows: oq : 2 ^ A is given by initiality, and for /c € u; we put 
Q^fc+i := A o Q!fc. Then by being the colimit of the initial sequence, there is a unique 
map a^^ : — > A such that = ckoj o i^, for all A: € w. Now consider the following 
diagram: 

M^I^^Wr+^l (7.14) 




This diagram commutes by fd^l being the colimit of the initial sequence. Finally, consider 
the map C^-^ of part 3. Then 

o Q?-^ = (a o Ma^ o j^) o (diagram fTTil) commutes) 

= Q o (j(^ and ^''^ are converses) 

and from this part 4 is immediate. 

Finally, for part 5, fix A; G w. By definition, {A4,in)n£Lj is a co-cone of the initial 
sequence, and so we have = jk ° ik+i- From this it follows by (the diagram of) part 2 
of this Proposition that j^^ o i^^i = Mi^, and from this we easily derive by part 3 that 

ik+i=j-'oMik = ^^oMik. □ 

The above Proposition justifies the following Definition. 

Definition 7.24. We let M denote the M-algebra (M^2,^-^), and we will refer to this 
structure as the initial Wl-algebra. <1 

Remark 7.25. In the sequel, we will be interested in the Moss algebra VA4. Observe that 
the nabla operation V^-^ of this structure is defined as V^^{a) = ^■^(pM"2(Va)), and 
so by definition of ^•'^ we find that 

V^-^(a)=jJ^(/9M^2(Va)). 



7.4. Proof of One-Step Soundness. In this subsection we will establish one-step sound- 
ness of the one-step derivation system; that is, we prove the direction from right to left of 
Theorem 17.51 

Proposition 7.26. For any set X, and for any pair of formulas c,d ^ CiPX we have 

c=semd if C=-Mcwxd. (7.15) 

Proof. We argue by induction on derivations, so that clearly it suffices to show that each of 
the rules (VI) — (V3) is sound. Fix a set X. 

Case (VI). Let Cq C CqPX x CqPX be the relation of 'provable inequality' a Cq 6 if 
the inequality a ^ 6 is derivable. It is straightforward to see that for all a,b € CqPX, it 
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follows from a Qb that [a]o ^ |6]q. (This boils down to showing that our Boolean axioms 
of Table [2] are sound.) Hence it remains to show that for all a, /3 S CiPX, we have 

iiaTZ P for some Z C Cq, then |Vali C [V/31i. (7.16) 

For this purpose, assume that a TZ f3 for some Z Q Qq, and take an arbitrary element 
^ G TX such that TX,S, Va. Then by definition of Ihi, we have ^ Tlho a, so that by the 
properties of relation lifting we obtain that £^ T{\\-q ; Z) /3. However, it is straightforward to 
verify that \\~o]Z CL Ihg ; Eo E l'"0) and so we obtain that ^ T Ihg /3. From this it is immediate 
that TX,^ Ihi V/3. 

Case (V2). Given a set A C Ttj£o(-P-^) and an element ^ G TX, assume that TX, ^ Ihi Va 
for each a G ^4. We need to prove that TX,^ Ihi V(r/\)<I) for some $ G SRD{A). To come 
up with a suitable let := |J 5ase[^] and consider the map ip : X ^ PwB given by 

: X ^ {b ^ B \ X^xh^h}. 

We claim that the set 

$ := {T^m 

fulfills our requirements. 

First of all, in order to prove that TX,^ Ih V(T/\)(<I>), observe that by definition of 9?, 
we have C II-q. Hence by the properties of relation lifting, it follows that T(p;T/\ C TII-q. 
In particular, we find that (^, (T/\) (<!>)) G Tlho; but then it is immediate from the definitions 
that rx,e Ih V(TA)(^)- 

Second, by definition we have <I> G Ti^P^B and so, in order to show that <1> G SRD{A), 
it suffices to prove that a G Apj5^($) for all a ^ A. For this purpose, observe that (p ; = 
I ho \xxB ■ Then by the properties of relation lifting we obtain Tip ; (Tg") = Tlho \txxTB ■ 
In particular, since Tlho \txxTB a by assumption, it follows that a Tg Tip{(,) = <I>, as 
required. 

Case ( V3) . We could prove the soundness of ( V3) analogously to our proof of Proposi- 
tion 15.181 but we prefer to give a different proof here, stressing the role of the distributive 
of over the power set monad, cf. Fact 13.141 

Fix an element <I> G Ti^P^jCoPX . Given Remark 17. 4^ it suffices to show that 



[V(TV)(^)1i = {JlXlinUo^)) I a TG 



(7.17) 

The point is now that (j7.17p can be read off the following diagram, where we tacitly use the 
fact that restricts to a natural transformation A^^ : T^^Puj — > T'T^ (see Proposition 13. 17]) . 



Ti^Pi^CqPX 



T„PX 




PT^CoPX 

PTlh 



(7.18) 



T^PujPX PT^PX 



P^x 



^x 



PT^X 



PPT^X 
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To see this, first observe that the left hand side of ()7.17j) corresponds to the left edge of the 
diagram, where an arbitrary element <I> G T^Pi^CqPX is mapped to 

A3^(T4.io(r^VW)) = Iv(TV)(<i>)li. 

Similarly, the right hand side of (I7.17P corresponds to clockwise following $ € T^jPujCoPX 
along the outer edges of the diagram, from the upper left to the lower left corner, arriving 
at the object U{-Ax(^Ho(")) I aTe $}. 

Therefore in order to show (|7.17p it suffices to show that the diagram commutes. But 
this is fairly straightforward. First observe that 

HooV = U°^-Ho' (7-19) 
as a straightforward verification will reveal. After applying the functor T^^ to (|7.19p . we 
immediately obtain that the left quadrangle of (j7.18p commutes. The right-hand quadrangle 
commutes since is natural. And finally, the pentagon commutes since is a distributive 
law over the power set monad, see Fact 13.141 As a consequence, the diagram (j7.18p itself 
commutes. □ 



7.5. Proof of One-Step Completeness. We now turn to the one-step completeness of 
our derivation system. Our proof is based on properties of algebras of the form MB, with 
IB an arbitrary finite Boolean algebra. With AtM denoting the set of atoms of B, we can 
formulate our key insight by stating that the Boolean algebra MB is join-generated by its 
'lifted atoms', that is, its elements of the form [Va] with a € T{AtM). That is to say, we 
can prove that every element x of MB is the join of the elements in T(AtM) below it: 

rc = \y |[Vq] I Q G T^{AtM), [Va] < x|. 

Here, as elsewhere in this subsection, the join is taken in the algebra MB, and may be 
happen to be taken over an infinite set; in that case, the statement should be read as saying 
that 'the join on the righthandside exists, and it is equal to the lefthandside'. As we will 
see, in the case that the functor does not preserve finite sets, this is a convenient way of 
treating infinitary rules as identities. 

Arriving at the proof details, in order to establish the one-step completeness of M, we 
need to prove the direction from left to right of (17. 3p . We will reason by contraposition, 
showing that for arbitrary a',b' € CiPX: 

a ^MCFX b' implies [a'Ji ^ {b'ji. 

Given the fact that our logic extends classical propositional logic, we may confine ourselves 
to the case where 6' = X. 

Fix an element a' € CiPX, and assume that a' is one-step consistent: a' -L, or, 
equivalently, [a'] > _\J^^. We will prove that a' is one-step satisfiable: la'li / 0. Let 
{ai,...,a„} be the (finite!) set of elements a G Ti^PX such that Va occurs in a', and 
define 

Base{a ) := \^ Base{ai). 

l<i<n 

This is a finite subset of jCqPX, that is, a finite set of Boolean formulas in which the subsets 
of X are the formal generators. Let D PX be the collection of those subsets of X that 
actually occur (as a formal object) in one of the formulas in Base{a'), and let B be the 
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subalgebra of PX that is generated by D. Then both D and B are finite (whereas their 
elements may themselves be infinite subsets of X). The point is that B is a finite subalgebra 
of FX such that a' G Ci{UM). 

It follows by the key lemma in the one-step completeness proof, Theorem 17.281 below. 

that 

[a'] = y^ilVa] I Q G T^{AtM),Va Q a'}. (7.20) 

But since a' is consistent, we have that [a'] > ±, and so we may conclude that there 
actually exists an a G T^^AtM such that Vq E a' — if there were no such a, then the 
righthandside of (I7.20p would evaluate to _L. By Proposition 17.271 we obtain for this a that 
|Va|i / 0, and so by soundness we may conclude that [a'Ji 3 [Vaji / 0. In other words, 
we find that [a']i is one-step satisfiable, as required. 

Proposition 7.27. Fix a set X and let a G Ti^{AtM) for some finite subalgebra B of¥X. 
Then {Vaji / 0. 

Proof. Clearly the set AtM C PX forms a partition of X. Let h : AtM ^ X be a choice 
function, that is, h{a) G a for each a G AtM. Using the properties of relation lifting, it is not 
hard to derive from this that (T/i)(a)T(GjJc)a for each lifted atom a. It follows immediately 
that iTh){a) G {Vaji. □ 

The following is the key lemma in the one-step completeness proof. 

Theorem 7.28. Let M be a finite Boolean algebra. 

(1) For any two elements a,f3 £ Ti^{AtM), we have 

[Va] A [V/3] >±iffa = p. 

(2) The top element o/MB satisfies 

T^^ = \f{[Va] \a£T^{AtM)}. 

(3) The set {[Va] | a G T^{AtM)} join- generates ME; that is, for all a' G CiUM 

[a] = V{[^«] I « ^ T^i^tM), [Va] < [a']}. 
Summarizing, the algebra MB is atomic, with At(MM) = {[Va] | a G Ti^{AtM)} . 

Proof. Throughout the proof we will abbreviate A := AtM and B := UM. 

The proof of first two statements is immediate by Proposition 16.121 (take for ip the set 
A). Concerning the third statement of the Theorem, observe that the inequality '>' of (j7.23p 
always holds, so it will be the opposite inequality that we need to establish. Our proof will 
be by induction on the complexity of a' (as a boolean formula over the set T^CqB). 

In the base case of the induction, a' is of the form V/3, with /3 G T^CqB. Our first claim 
is that without loss of generality, we may assume that V/3 actually belongs to T^^B. The 
justification for this claim is that for any b G CqB there is a 6o £ -B such that the equation 
6o ~ & is derivable in the proof system CB associated with the canonical presentation of 
B: simply let 6o '■= id sib) be the element of B to which the term b evaluates. (For the 
definition of ids we refer to l4.31 ) Thus an application of (VI) shows that for any /3 G T^CqB 
there is a /3o € T^^B such that Kmcb V/3 « V/3o: simply take /3o := Tidsi/^). 



(7.21) 
(7.22) 

(7.23) 
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Hence, assume that indeed, /3 S TujB. Think of the finitary join as a map V : PujA — > B. 
As such it is a bijection, and this property is inherited by the map T \/ : T^P^A — )• T^^B. 
Furthermore, it is easy to verify that for any ip € PujA and any a £ A, we have that 

aex ^ iff a<\/ (f, (7.24) 

which can be succinctly formulated as 3x= Vi — (where V now denotes the graph of the 
disjunction function). By the properties of relation lifting, this implies T{3x) = T\/;T>, 
which can again be reformulated as stating that for any $ G T^PA and any a G T^A it 
holds that 

ar(Gx)^ iff ar<(rV)^. (7.25) 
Now consider an arbitrary element /3 G and let <1> be the (unique) element of 

T^P^A such that (5 = {T\/){<^). Then (TM) reads that aT{£x)^ iff ar(<)/3, for ah 
a G T^A, and so axiom (V3) instantiates to 

[V/3] = \/{[Va] I a G T^A and aT(<)/3}. (7.26) 

But since by the nature of the one-step derivation system we have < = E on elements of 
PX, we also have T(<) = T(C). So if aT(<)/3 then one application of (VI) gives that 
Va Q V/3, which implies that [Va] < [V/3]. From this and (j7.26p is immediate that 

[V/3] < \/{[V«] I « € T^(^ffl), [Va] < [V/3]}. 

This finishes the base case of the inductive proof of (j7.23|) . 

For the inductive step of the proof there are three cases to consider. First, assume that 
a' is of the form V,;e/ '^i for some finite index set I. Then we may compute 

[a] = \J{[a'j] \ i £ 1} (assumption) 
= y |V{[Va] I a G T^A, [Va] < [a-]} | i G l| (induction hypothesis) 

(associativity of \/) 

< V {[Va] I a G T^yl, [Va] < Vig/[«i] = « } (properties of V) 

Second, consider the case that a' is a conjunction Ajg/ ^'i some finite /. Now we 
have 

[a] = ^{[a'j] \ i £ 1} (assumption) 
= /\ |V{[Va] I a G T^A, [Va] < [a-]} | i G /| (induction hypothesis) 

= V {Aie/[V7(«)] 17:^-^ such that [V7(i)] < [a-] for all z| (distributivity) 

= V {[^^] I ^ ^ '^^'^^ [^^] - ["il 4 

= V { [^^] I ^ ^ [^^] ^ Aie/[ai] = «'} (properties of V) 

Here 'distributivity' refers to the fact that in any Boolean algebra, finite meets distribute 
over arbitrary joins, and 'part 1' refers to the first statement of this Theorem. The point 
here is that we only need to consider those meets /\i^i[V'y{i)] for which 7(i) = for all 
i,j G /, since the other meets will reduce to _L. 



58 



C. KUPKE, A. KURZ, AND Y. VENEMA 



Finally, suppose that a' is a negation, say a' = -^b'. We first claim that 

for ah a G T^A either Va □ b' or Va □ ^b' . (7.27) 
To see this, assume that Va % -16'; then by prepositional logic, 

[Va] A [6'] > ±. 

By the inductive hypothesis, we have [b'] = V{[V/3] | /? G T^A,[V/3] < [b']}, and so by 
distributivity we obtain 

\/{[Va] A [V/3] I /5 G T^A, [V/3] < > ±. 

But then there must be at least one /3 G T^A with [Va] A [V/3] > _L and [V/3] < [6']. By 
the first statement of this Theorem, we can only have [Va] A [V/3] > _L if a is identical to 
/?, and so indeed we find that [Va] < [6']. This proves (j7.27p . 
Because of this we can rewrite [-^b'] as follows: 

[-nb'] = l^b'] A \/{[Va] I a G T^A.} (part 2) 

= V'Lt^^'] ^ [^"] I " ^ (distributivity) 
= V (^["^' ^ I 6' □ Va,a G T^^} U {[^b' A Va] | ^6' □ Va,a G (lTI^ 
= y (^{[±] I 6' □ Va, a G T^A} U {[Va] | ^6' □ Va, a G T^Ajj (immediate) 

= \/{N<^] I h&'] > [Va],a G T^^} (immediate) 

This settles the remaining inductive case, and thus finishes the proof of the third part of 
the Theorem. □ 

7.6. Connecting algebra and coalgebra. Now that we have proved the one-step sound- 
ness and completeness of our logic, we will show how to connect the algebraic functor M to 
the coalgebraic functor T by defining a natural transformation 

which in fact provides an embedding 5x for each set X. 

For the definition of 5, note that given a set X, it follows from one-step soundness 
that |a]i = |6]i for all a,6 G CiPX such that [a]]y[(7px = [^Imcpx' This ensures that the 
following is well-defined. 

Definition 7.29. Given a set X, let 

define a map 8x ■ MPX FTX. < 

Proposition 7.30. The family of maps 5x, with X ranging over the category Set, provides 
a natural transformation 5 : MP FT. Furthermore, each 6x ■ MPX — )• FTX is an 
embedding. 
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Proof. In order to demonstrate that 5 is a natural transformation, we have to prove that 
for any function f : X —?■ Y the following diagram commutes: 



MFY ■ 



FTX 

VTf 

■ pry 



5y 

In order to see that the above diagram commutes it suffices to show that it commutes on 
the generators of MPy. Consider such a generator Va G CqPY. Then 



5x(MP(/)(Va)) 



Remark l7.4l 
Jo natural, Lcm. fTTT] 
A natural 



lT^CoP{f){Va)}i 
A3^(r(I.loo/:oP(/))(a)) 
X^iTPfoTlUc^)) 
PT/([Vali) 



6xi[T^CoPif)iVa)]) 
Xl{Tl-UTCoP{f){a))) 
A3^(r(P/o[.lo)(a)) 
PTf{)^{TlU»))) 
PTfiSviiVa])) 

Let us finally show that 6x is injective for an arbitrary set X. Suppose that = i^xll^]) 

for some a,b ^ CqT^ CqPX. By definition of 6x that means that |a]i = which by one- 
step completeness of the logic entails that [a] = [a'] in MPX. □ 

On the basis of this natural transformation we can define a second notion of complex 
algebra of a coalgebra, next to the Moss complex algebra of Definition 15.111 

Definition 7.31. Let T : Set Set be a standard, weak pullback preserving functor, 
and let X = {X, ^) be a T-coalgebra. We define the complex Wi-algehra of X as the pair 

X* := (PX,5x olPO- < 

The link between the two kinds of complex algebras is given by the functor V from 
Definition 17.201 which allows us to see M-algebras as Moss algebras. 

Proposition 7.32. Let T : Set — > Set he a standard, weak pullback preserving functor. 
Then 

x+ = vx*. 

for any T-coalgebra X. Therefore, for any T-coalgebra X and any formula a £ C we have 

mngy^,{a) = mng^+{a) = {x £ X \ x \\- a}. 



8. Soundness and completeness 

In this section we will apply Pattinson's stratification method [43j in order to prove the 
soundness and completeness of our axiom system M with respect to the coalgebraic se- 
mantics. This stratification method consists in showing that not only the language of our 
system, but also its semantics and our logic can be stratified in uj many layers. As we will 
see further on, the results in the previous section will then serve to glue these layers nicely 
together. 

In order to understand the idea of the proof, first assume that a final T-coalgebra 
Z = {Z, : Z — 7- TZ) exists. Then we could prove that the unique Moss morphism mng^ 
from the initial Moss algebra C to the algebra Z"*" actually factors as mng^ = Vmng^ o g, 
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where q : C A4 is the quotient map modulo derivabihty (in the sense that kei{q) is the 
relation =m of interderivability in M) , and mng^ is an injective M-algebra morphism from 
M to Z*: 

C "^-^VM 

Vmng^ 

vz* = z+ 

On the basis of this we would prove that a b implies that q{a) -^m q{b), and so by 
injectivity of m we would conclude that mng^{a) % mng^{b), providing a state z £ Z such 
that z\\-z a and z 1/^ b. 

Since our set functor T generally does not admit a final coalgebra, we replace the final 
coalgebra with the final sequence. 

Definition 8.1. The final T-sequence is defined as follows. 

We denote by 1 = T^l the final object in Set. The map ho : Tl ^ 1 is given by finality and 
inductively, K+i : r(T"l) T"! is defined to be the map T"/io = r/i„. < 

The reader may think of the T"l as approximating the final coalgebra. Indeed, if we 
let the final sequence run through all ordinals, we obtain the final coalgebra as a limit if it 
exists [4]. Intuitively, where the states of the final coalgebra provide all possible T-behaviors, 
the elements of T"! represent all 'n-step behaviors'. Given a T-coalgebra X = (X, for 
each n uj we may canonically define a map : X — )• T"! providing the n-step behavior 
of the states of X. 

Definition 8.2. Given a T-coalgebra X = (X, we define the arrows ^„ : X ^ T^l, for 
n G cj, to the approximants of the final coalgebra by the following induction: : -'^ — 1 is 
given by finality of 1 in Set, and := T^n ° C • O 

Interestingly, every object T^l in the final sequence can be equipped with coalgebra 
structure. 

Definition 8.3. Let, for each n S w, Z„ be the coalgebra 

Zn := (r"i,r"r7), 

where g is an arbitrary but fixed map g : 1 ^ Tl. <1 

As we will see in a moment, these 'n-final coalgebras' display all possible n-step be- 
haviours, and thus act as a canonical witness for all non-provable inequalities between 
formulas of depth n. 




8.1. A stratification of the semantics. We first show how to slice the semantics of 
nabla formulas into layers. For that purpose we define the n-step meaning of depth-n 
modal formulas as a subset of the set T^l. 

Definition 8.4. By induction on n we define maps mng^ : — > PT^l. For n = 0, we 
define mng^ by initiality of Cq, or equivalently: 

1 if a is a tautology, 
otherwise. 



mngQ{a) := 
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Inductively, assuming that mng^ : Cn has been defined, we may compose Tmng^ : 

TCn TPT^^l with A|;j,„i : TPT"! ^ PT"+H to obtain 

Then we let mng^^i : £n+i — be the unique Boole-homomorphism from ¥{T^ Cn) 
to pr"+^l that extends the mapping given by 

Va 1-4- (Ap-pn^ o Tmngn{a)) for Va G Cn- < 

The following proposition provides a clear link between the n-step meaning of formulas and 
the n-step behaviour map of a coalgebra. 

Proposition 8.5. Let X 6e a coalgebra, and a & Cn a formula of rank n. Then 

mng^{a) = {P^n){mngn{a)). 

Proof. The proof of the proposition is by induction on the modal depth and on the structure 
of the formula a. We only provide the induction case for a = Va G Cn+i for some n ^ u. 
In this case we have 

mng^iVa) = P^{Xx{Tmng^^{a))) (definition of mng^ 

= P^{Xx{TP^niTmngn{a)))) (induction hypothesis) 

= PS, (^PTSn{^T^i{Tmng^{a)))^ (naturality of A) 

= Pin+i{mng^^^{\/a)) (definition of mng^^^ and 

□ 

The n-final coalgebra of Definition 18.31 has the interesting property that its n-step 
behaviour map is the identity map on T"l. As a corollary, the n-step meaning of any 
depth-n formula a coincides with its meaning in the n-step coalgebra. 

Proposition 8.6. Let a be a formula of depth n. Then 

mngj^^{a) = mngn{a). 

Proof. It is not difficult to see that for the coalgebra Z„ (and for this n), we have 

{T^g)n ■■= idr^i. (8.2) 

We confine ourselves to a proof sketch. The basic idea of the proof is to prove inductively 
that {T^g)k = hnk for all k < n, where hnk ■ T^l — )• T^l is the map hnk '■= ^fc°^fc+i°' ' 'O^n- 
Further details can be found in [43l Section 4]. 

The Proposition itself is immediate by Proposition 18.51 and ()8.2p . □ 

As a fairly direct corollary to the previous two propositions we can formulate our 
semantic stratification theorem. Basically it states that the meaning of depth-n formulas is 
determined at level n of the final sequence, and in the n-step final coalgebra Z„. 

Theorem 8.7 (Semantic Stratification Theorem). Let a,b (z Cn be formulas. Then the 
following are equivalent: 

(1) a b; 

(2) mngnia) C mngn{b); 

(3) mng^^ia) C mng^^{h). 
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Proof. The implication 1 =^ 3 is immediate by the definitions, while the implication 2 1 
follows by Proposition 18.51 given a coalgebra X = {X,0, we conclude from mng^{a) C 
mng^^b) that mng^{a) = {¥£^n){fnng^{a)) C (]P^„)(mng„(6)) = mng^{h). The remaining 
implication 3 2 follows directly by Proposition 18.61 □ 

8.2. A stratification of the logic. To see in detail how our logic can be stratified, let us 
first introduce some terminology concerning the stratification of the language. 

Definition 8.8. Let Go := 0, and define inductively Gn+i '■= C^Gn = {Vq | a G 
Ttj£o(G'n)}. In addition, let eo : Go ^ CqGi be the empty map, and define e„+i : Gn+i — > 
£oG„+2 by putting e„+i := Me^. Finally, we let dn denote the inclusion dn Cn '-^ C. <\ 

Recall that Cn denotes the set of formulas of rank n (see Definition 15. ip , and observe 
that Cn = CqGu, for all n, and that each Cn is also the carrier of an algebra in Boole; this 
algebra will also be denoted as £„. Consequently, Cn+i = >Ci(G„), which is different from 
Ci{Cn) = Ci{CQ{Gn))) since in Boole we do not identify terms which are equivalent in the 
theory of Boolean algebras. Also observe that the map : C^Gn CoGn+i is in fact the 
embedding of into Cn+i- 

• Cn ^ -^n+l) 

and that the embedding dn'- Cn^ C commutes with the one-step embeddings, in the sense 
that dn = dn+i o en. 

We can now formulate our stratification theorem as follows. Recall that C is the initial 
algebra in the category Booley. 

Theorem 8.9 (Axiomatic Stratification Theorem). Let m := mngyj^ be the unique homo- 
morphism m : C ^ VA4 in the category of Moss algebras. 

(1) There are maps Qn '■ Cn — ^ MI"2, with each (jn ^ Qoo\G-homomorphism, such that the 
following diagram (in the category Boole j commutes: 




(2) In addition, ker(m) = =Mj' that is, m(a) = m(b) iff a and b are provably equivalent in 
M. 

Before turning to the proof of this result, let us briefly summarize its meaning. Most 
importantly. Theorem 18.91 states that for each n < uj, the Boolean algebra M"2 coincides 
with the quotient of the Boole-algebra C^ under the relation =m of provable equivalence in 
our derivation system M. In addition, the quotient maps g„ commute with the inclusions 
Cn of Cn into Cn+1, and j„ from M"2 into 

In order to prove Theorem 18.9^ we will inductively deflne a relation of "n-inter- 
derivability" between ^C^-formulas. We will see that for every n, the Boolean algebra = 
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C.n/=n is isomorphic to M^S, but also, that for formulas a,b G £„, we have a 
a =M b. The definition of =„ will be such that 



b iff 



{Gn 



+1) =n+l 



) = M(G„;=„). 



Definition 8.10. Let =o ^ Cq x Cq be the relation of provable equivalence between closed 
Boolean terms. Inductively, define the relation =n+i ^ J~-n+i x ^n+i as the congruence 
relation of the presentation M{Gn', =n), and let L„ denote the Boolean algebra B{Gn', =n)i 
or equivalently, L„ = Cn/=„- Given a formula a € Cn, '^^ let [a]n denote the equivalence 
class of a under the relation =„ . < 



As we will see, the algebras L„ form an intermediate row in the stratification diagram (j8.3 
(in the category Boole): 




(8.4) 



Ben 



/n 



U+1 



2 



i^a ... M"2=- 

We now turn to the details of the proof of Theorem 18.91 step by step filling in diagram ([87 
Since we already discussed the embeddings e„, n G w, we start with the map 77^, which will 
denote the quotient map associated with the congruence =n- 

Definition 8.11. Let 7/„ : G„ — ?> Cn/=n be the map given hy rjn g ^ [g\n- < 

We may see the map rjn as a presentation morphism from (G^; =„) to C(L„) — as such 
it is the unit 7?(g„;=„) of the adjunction B -\ C, and hence, a pre-isomorphism (cf. Theo- 
rem |37l3|). This function extends to a homomorphism in Boole: 

which maps a formula a G to its n-equivalence class: 

rjn : [a]n. 

Concerning the maps Ben ■ ^n+i, it is easy to see that they are indeed well- 

typed, but in order to prove that each Bsn is an embedding, some work will be needed. 
The embeddings jn : M"2 M"+^2 have been defined in Definition [7221 

Finally, the isomorphisms /„ of diagram (j8.4p will be defined inductively. 



Definition 8.12. By induction on n we define Boolean homomorphisms /„ : L„ — t- M"2. 
For n = 0, we let /o be the (unique) isomorphism from Lq to 2. For n = k + 1, we first 
define Pn+i ■ ^n+i ML„ by putting Pn+i ■= BMrjn- Then we compose the maps 



irn+i 



2, 



and define fn+i ■= (M/„) op„^ 



The following proposition gathers all the facts about the maps defined until now that 
are needed to prove that diagram (|8.4p commutes: 



Proposition 8.13. 
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[I) In the category Pres of presentation each map Cn is a morphism Cn ■ {Gn] =n) — > 
(Gn+i; =„-|-i), each map rjn '■ {Gn+i',=n+i 

n is a pre- isomorphism, and each 

of the following diagrams commutes: 



{Gn, =n) *- [Gn+l] =n+l) 



(8.5) 



Vn 



C{L,n) G(Ln+l, 



(2) In the category Boole, each of the following diagrams commutes: 



£ 


n 


■ -^n 


+ 1 


(8.6) 






Vn + l 






L 


n 




+ 1 





(3) In the category BA of Boolean algebras, each map Pn+i is an isomorphism, and each of 
the following diagrams commutes: 



Be„ 



L. 



Pn + l 



Pn+2 

■M(L„+i) 



(8.7) 



(4) In the category Boole, each of the following diagrams commutes: 



Vu+l _ ^ 



Pn + l 



(L. 



with pl„ as in Definition \7.15\ 
(5) In the category BA of Boolean algebras, each map fn is an isomorphism; each map 
Ben ■ — ^ is an embedding; and each of the following diagrams commutes: 



Ben 



2!k mn+\- 



Proof. 

(1) It follows by a straightforward inductfon that every e„ is a presentation morphism. The 
other statements of this item follow from the fact that rjn = f]{Gn\=n)i together with our 
earlier observation (cf. Theorem 14. 13p that rj : /dpres ~^ CB is a natural transformation 
of which each r](^Q.pj^ is a pre-isomorphism. 

(2) We claim that if / : {G;R) — )• {G';R') is the presentation morphism represented by 
one of the four arrows of the diagram (jS.Sp . then the corresponding arrow / in (|8.6p is 
the unique Boole-morphism extending / (seen as a map between sets). For instance, 
if / is the presentation morphism rjn ■ {Gn',=n) CL^, then using the fact that 
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Cn = CoGn is the free Boole-algebra over Gn, it follows that f = rjn '^s the unique 
homomorphism in Boole from £„ to L„. Or, to give a second example, Bcn is clearly 
the only homomorphism from L„ to I^n+i which "extends" CBcn ■ CL„ — >■ CL^+i- 

From this it follows that both r/n+i ° e„ and Ben ° Vn are morphisms in Boole that 
extend the map rjn+i o = CBcn ° "Hn (with the identity holding because diagram (jS.Sp 
commutes). But then, again by the freeness of over Gn in Boole, these two extensions 
must be equal, which is the same as to say that (|8.6p commutes. 

(3) It is easy to see that our definition of the map Pn+i indeed provides an isomorphism, 
because 

Mr]n : {Gn+i;=n+i) = M{Gn;=n) ^ MC7L„, 
is a pre-isomorphism in Pres, by Theorem 17. 1 21 inheriting this property from r/„ : {Gn', =n 
) — )• CL„, and B maps pre-isomorphisms to isomorphisms, see Proposition 14. 12l 

To prove that diagram ()8.7p commutes it suffices to see that we may obtain it from 
diagram (18. 5p by applying the functor BM. 

(4) Recall that the family of presentation morphisms 'il{G;R) '■ {G'tR) — > CB{G; R) , defined 
by ()4.2p . constitutes a natural transformation r] : /dpres — > CB. Instantiating the 
diagram which expresses this fact for the arrow Mrjn '■ M{Gn', =n) MCL„, we obtain 
the following commuting diagram: 

M{Gn; =n) ""-^^^tBMiGn; =n) = Gl.n+1 (8.10) 



CBMrtn 



MChn CBMChn = CMhn 

Now we can, similarly as in the proof of item 2, show that each of the arrows in 
is the unique morphism in Boole that extends the corresponding map in (|8.10p . For 
example, consider the map : ^n+i — ^ £iC/L„. It follows from a straightforward 

unravelling of the definitions that £iry„ extends Mry„ (see Proposition 17. 14p . The latter, 
as a function between sets, is just a map from C^Gn = Gn+i to the set of generators 
of the presentation M(7L„, which is nothing but the set CoUt^n- 

But then, again similar to the proof of item 2, we can prove that the maps pn+iorjn+i 
and pl„ ° ^iVn are identical, by noting that both are morphisms in Boole that extend 
the presentation morphism CBMrjn o ??Af(G„;=„) = ^A/CL„ ° Mrjn of diagram (jS.lOp . 
(5) This part of the Proposition is proved by induction on n. For n = 0, the map /o is an 
isomorphism by definition, and the map Bsq is an embedding by initiality of 2 in BA. 
Finally, the following diagram commutes simply by the initiality of the algebra Lq in 
the category BA: 

hff-^U (8.11) 




M2 

In the inductive case for n + 1, by hypothesis the map /„ is an isomorphism, and the 
map Ben an embedding. From this it is immediate that M/„ is an isomorphism as well, 
and since Pn+i is an isomorphism by Proposition 18. 13T 2) . it follows that the map /n+i, 
being the composition of two isomorphisms, is an isomorphism as well. 
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Now consider the following diagram: 



Be 



n + l 




.12) 



Pn + 2 




The upper rectangle of this diagram commutes by Proposition I8.13T 2). and the lower 
rectangle, by applying the functor M to the diagram (j8.9p which commutes by the 
inductive hypothesis. As a consequence, the outer rectangle, which exactly corresponds 
to the diagram (|8.9p for the case n + l, commutes as well. Finally, then, the injectivity 
of Ben+i is immediate by that of jn+i, which was established in Lemma l7.23r i). 

□ 



By Proposition 18. 13l it follows that the diagram (18. 4p commutes. 

For future reference we state the following technical fact, which links the quotient maps 
Qn and qn+i to the natural transformation p of Definition 17.151 instantiated at the Boolean 
algebra M"2. 

Proposition 8.14. For any element a E T^^Cn, we have 

q'„+i(Va) = pM"2V(Tg„(a)). (8.13) 

fk ° Tjk for each k £ u, and 



Proof. To see why this proposition holds, recall that qk 
consider the diagram below 




.14) 



r^[/(M"2) 



where, in order to simplify the diagram, we omit the forgetful functors to Set on the right- 
hand side of the diagram and exploit our ambiguous notation allowing Ci to be considered 
as Set-valued or Boole-valued. 

Here an arrow labelled Vg represents the function mapping an object a £ T^CqG to the 
corresponding formula Va G C-i{G). Note that in the case that G = C/(L„) and G = C/M"2 
we use the fact that T^^G C T^CqG. 

We claim that all squares of (j8.14p commute. To check this for the left squares this is 
simply a matter of unravelling the definitions, and the upper right square has been shown 
to commute in Proposition I8.13l f4). Finally, that the lower right square commutes is a 
consequence of the fact that p is a natural transformation p : CiU ^ M, cf. Proposition l7.16l 

But if indeed all squares of (|8.14p commute, then the identity (|8.13p can simply be read 
off from the outer sides of the diagram. □ 
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Continuing the proof of the Stratification Theorem, what is left to do is Unk the algebras 
L and hA to diagram (j8.4p . We first need a proof-theoretical result stating that on formulas 
in jC„, the notions of n-derivability and derivability coincide. 

Proposition 8.15. Let a and b be two formula in Cn- 

(1) a =n t> iff a =m b for some m E oj; 

(2) a=nb iff a=Mb. 

Proof. Part 1 of the proposition is a direct consequence of diagram ()8.4p commuting. Con- 
cerning the second part, the left-to-right direction can be proved by a straightforward 
induction on n. For the opposite direction '<^=', it suffices to establish that for two formulas 
a,b G Cn we have 

V : hjvi a ^ b implies a Qn b, (8.15) 
where we use a C„ 6 to denote that a =„ a Ab. The proof of (I8.15P is by induction on the 
complexity of the derivation T>. 

We confine ourselves to the most difficult case of the inductive step, namely where the 
last applied rule in V is the cut rule; that is, we assume V to be of the form 

Vi V2 

V : a ^ c c =4 b 

cut — 



a ^ b 

(This case is the most difficult one since here we may not assume c to be in Let m be 
such that c G Cm, and put k := max(m, n). Then inductively, we have o Cfc c and c b, 
from which we easily obtain that a b. But then by the first part of the Proposition, we 
see that a C„ b, as required. □ 

Proposition 8.16. The relation =m C x jC is the kernel of the unique Boo\es/ -quotient 
map from C to VA4 . 

Proof. Define the map q : C ^ as follows. Given a formula a G there is some re G a; 
such that a € Cn- Now define 

q{a) := inQnia) 

This is well-defined by the fact that diagram (j8.4p commutes and we have ker(g) = =m by 
Proposition 18.151 

Then by initiality of C in Boolev it suffices to prove that q is an algebraic homomor- 
phism. For the Boolean connectives/operators this is straightforward, and so we leave this 
as an exercise for the reader. For the V modality we need to prove that the following 
diagram commutes: 

T^C — ^ C (8.16) 

Tq 

In order to prove this, take an arbitrary element a G T^{C). Without loss of generality, 
assume that a G Tij{Cn), so that Va G Cn+i- Then by definition of q, we have 

{q o V^)(q) = q{Va) = i„+ign+i(Va). (8.17) 

Computing (V^-^ o Tq){a), we first calculate 

{Tq){a) = Tin{{Tqn){a)), 
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where {Tqn)(a) belongs to the set Tu,UM"-2. Now we claim that for ah /3 E T^UM^I: 

V^-^(ri„)/3 = Wi/9M"2(V/3), (8.18) 
with /9m"2 as in Definition I7.15[ To see this, consider the following calculation: 

V^^(ri„)/3 = (V {Tin) im (Remark E25]) 

= Jo;' ( (rjz„) (V/3)) ) (definition of tJ) 

= Ju'^ (PM-2 {{CiUin) (V/3))) (/3lC/in tjC/M^a = 

= j^^ ((Mi„ o /3M"2) (V/3)) (naturality of p) 

= i„+l/9M"2(V/3) (t) 

where the last equality (f) follows by Proposition 17. 23T 5). 
And so we obtain that 

(V^^ o Tq){a) = i„+ipM"2(V(rg„)(a)) (8.19) 

Thus in order to prove the commutativity of (j8.16p . by (j8.17p and (j8.19p it suffices to 
prove that 

g„+i(Va) = m"2(V(rg„)(a)). (8.20) 
But this is precisely the content of Proposition 18.141 □ 

We can now prove the Stratification Theorem. 
Proof of Theorem [8791 Given the Propositions [8T3l [8T5] and [8361 ah that is left to do 
is prove that the following diagram commutes for each n € w: 

Cn'^^C (8.21) 



VM 



We already saw in the proof of Proposition 18.161 that the map q : C ^ defined by 

putting, for a & Cn, 

q{a) := in{qn{a)), 

is the unique Moss homomorphism from C to VM; in other words, this map q coincides with 
m. Reformulating this in terms that explicitize the role of the inclusion map dn '■ Cn ^ >C, 
we obtain that m{dn{o)) = q{dn{a)) = in{(ln{o))- In other words, the diagram (|8.2ip 
commutes indeed. □ 

As a corollary we obtain that the algebra VM is the initial algebra in the class of 
Moss algebras that satisfy the nabla-equations. This means that we may see M as the 
Lindenbaum-Tarski algebra of our logic. 

Corollary 8.17. Let B = {B, /\^, \/^ , V^) be a Moss algebra such that M validates every 
instance of the axioms (VI) - (V3). Then there is a unique morphism mng^ : VM — > B 
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through which the meaning function mng^ factors: 




Proof. An arbitrary element of (the carrier of) VA4 is of the form m(a) for some formula 
a & C. We leave it as an exercise for the reader to verify that the following map 

mngl{m{a)) := mng^{a) 

is well-defined and has the right properties. □ 

Remark 8.18. In fact, we can show that the functor V constitutes an isomorphism between 
the category CoalgB;\(M) and the variety of Moss algebras validating the nabla axioms. We 
omit the details of this proof. 



8.3. Proof of soundness and completeness. We are almost ready to prove our main 
result. What is left to do is link the final T-sequence to the initial M-sequence. Recall 
that the elements of T"! intuitively correspond to the n-behaviors associated with T, and 
that Ai, the initial M-algebra, is the colimit of the initial sequence (M"2,j„)„<^, where 
elements of M"2 correspond to (equivalence classes of) formulas of depth n. 

Definition 8.19. We define the sequence of maps Sn ■ — )• PT^l as follows. The map 
So : 2 — )■ PI is given by initiality (and is actually the identity). For the definition of Sn+i, 
recah from Defintion [T^S] that 6t^i : MPT^l PT^+^l, and assume inductively that 
Sn ■■ M"2 PT^l has been defined, so that Msn ■ M"+i2 MPT^l. Composing these 
two maps, we obtain Sn+i '■= St^i o M(s„). <I 

Intuitively, the reader may think of the map Sn as providing semantics of elements of 
M"2. This can be made more precise by proving that the following diagram commutes: 




pr"i 

Here qn is the quotient map under n-step derivability of Theorem l8.9l and mng^ is the n-step 
meaning function of Definition 18. 4i 

From this perspective, the following proposition states that the semantics of a formula 
with respect to the final sequence is independent of the particular approximant we choose. 



Proposition 8.20. The following diagram commutes: 



PI 



30 



PT'^l 



r2 ■ 



3n 



.22) 



Sn+l 

p+i2 



In addition, each map Sn is infective. 
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Proof. In order to show that diagram (I8.22P commutes, we wiU prove that 

Sn+l o jn = P/ln O Sn 

for aU n € a; . The proof is by induction on n. The base case si o Jq = P/ig o sg is a 
consequence of the fact that 2 is the initial object in BA. For the inductive case, where 
n = k + 1 for some A; € w, we reason as fohows: 

Sfc+2 o jk+1 = d^k+ii o M(sA;+i) o M{jk) 

= 6rpk+ii oM{sk+i ° jk) 

= 6rpk+i^ oM{¥hk ° Sk) 

= FThk o 6rpki o M{sk) 

= Fhk+i o sk+i 

Since 5 is injective (Proposition 17.301) and M preserves embeddings (Proposition I7.19"]) . a 
straightforward inductive proof shows that all s„, n G cj, are injective. □ 



(unfolding definitions) 
(functoriality of M) 
(inductive hypothesis) 
(naturality of 6) 
(definition Sk+i) 



We are now going to demonstrate that the coalgebraic semantics and the semantics via 
the final sequence coincide. 

Proposition 8.21. For a given coalgebra X = {X, ^) and any formula a E Cn, the following 
holds: 

mng^{a) = ^~"'^(s„(g„(a))), for all a ^ Cn and n ^ uj. (8.23) 

Proof. First note that ¥X together with the maps ]P^„ o s„ = o Sn form a cocone over 
the initial sequence of M. Therefore there is a mediating arrow 



from the carrier of the initial M-algebra M to PX with the property that mng^oin = ^„ ^°Sn- 
We claim that 



the map mng^ is an M-algebra morphism from to X*. 
In order to prove (j8.24p . observe that by Proposition 17.231 for all n € w we have 

joj ° in+1 = M(i„), 

where : — t- MM'^2 is the inverse of the algebra structure map 'v'-'^ of the initial M- 
algebra. In order to prove the claim it suffices to show that the following diagram commutes 

Wlmngt 



5.24) 
5.25) 



^2 



MFX 
Sx 
¥TX 

-PX 



mng^ 



We prove that the diagram commutes by showing that / := o 5x ° M(mng'^) o j^^ is a 
mediating arrow from (M^2, {in\n&u)) to (PX, {P^n ° Sn\n<^u))- Therefore / has to be equal 
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to mng^ by the universal property of the colimit {in}neuj)- We show that / has the 

claimed property by proving that for all n £ u we have 

H^n) oSn = foin (8.26) 

For n = the equation holds by initiality of 2. Furthermore for an arbitrary n > we have 

S'(6n+i) ° Sn+1 = ^{Tin ^T^i ° Ms„ (definition of and of 

= P(0 o F{TCn) o St«i o M.Sn (functoriality of P) 

= P(0 06x0 MP^„ o Msn (naturality of 6) 

= P(0 °^xo M(P^„ o sn) (functoriality of M) 

= P(^) o 5x ° M(mngJ ° in) (™^5x mediating arrow) 

= P(^) o5x o Mmng^ o Mi„ (functoriality of M) 

= ]P(^) o 6x ° Mmn^x ° jui ° in+i- (equation ()8.25p ) 

Therefore equation (|8.26p holds for all n, which finishes the proof of (|8.24p . 

From this it follows that Vmng* : VA4 — )• VH* is a Moss algebra homomorphism. 
Recalling from Proposition 17.321 that yX* = X"*", we obtain by initiality of /I as a Moss 
algebra, that Vmng^ o m = mng^. Here mng-^ : C X+ is the unique Moss algebra 
homomorphism that maps an element of C to its semantics in X"*", and m := mngyj^ is 
the unique homomorphism m : C ^ VAd in the category of Moss algebras. But then by 
the Axiomatic Stratification Theorem 18. 9( for all n G a; and all formulas a & Cn we have 
mng-^{a) = mng^{m{a)) = mng'^{in{qn{o))) = ^in° Sn{qn{o,)) , where the last identity holds 
by the definition of mng^ as a mediating arrow. This shows that ()8.23p holds, and finishes 
the proof of the claim. □ 

On the basis of the results obtained so far, the proof of our soundness and completeness 
results is now more or less immediate. 

Proof of Theorem 16.101 Let a and b be two formulas in C Fix a natural number n 
such that a,6 G Recall that F„ = {T"'l,T^g) denotes the 'n-step coalgebra' defined in 
Definition E31 

Now consider the following sequence of equivalences: 

a Qm b qn{o) ^ qn{b) (Axiomatic Stratification Theorem 18. 9p 

<^=^ Snqn{a) ^ SnQnib) (injectivity of s„) 

^ (P(T"5)„)(s„(?„(a)) C (P(r"5),)(s„g„(6)) (equation ^) 

<^=^ mngY^{a) C mng^^ib) (Proposition 18.21]) 

<;=^ a \=T b (Semantic Stratification Theorem 18. 7p 

From this the Theorem is immediate. □ 



9. Conclusions 



Summary of results. Obviously, as the main contributions of this paper we see the defi- 
nition of the derivation system M for the finitary version of Moss' coalgebraic logic, the 
result stating that M provides a sound and complete axiomatization for the collection of 
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coalgebraically valid inequalities, and the fact that all of our definitions, results and our 
proofs are completely uniform in the coalgebraic type functor T 

Our proof of the soundness and completeness theorem is rather elaborate and technical, 
but we believe that the effort has been worth the while, and that on the way we have iden- 
tified some new concepts and obtained some auxiliary results that may be of independent 
interest. Of these we list the following: 

(1) a survey of the properties of the notion T of relation lifting, induecd by an arbitrary 
but fixed set functor T (section [3|) ; 

(2) the introduction in Definition 14.81 of the category Pres of Boolean algebra presentations, 
and the establishment in Theorem 14. 131 of an adjunction between Pres and the category 
BA of Boolean algebras; 

(3) the introduction in section 17.31 of the functor M : BA BA, and the results in Propo- 
sition 17.191 that M is finitary and preserves embeddings, and in Theorem 17.281 that it 
preserves atomicity of Boolean algebras. 

(4) the stratification of our logic, both semantically (Theorem 18. 7p and syntactically (The- 
orem 18. 9p ; 

(5) the identification, in Corollarv l8.17l of the initial M-algebra A4, through the functor V, 
as the Lindenbaum-Tarski algebra of our logic. 

Related and ongoing work. As mentioned in the introduction, this paper replaces, extends 
and partly corrects an earlier version [34J. Since the publication of the latter paper, and 
the preparation of the current manuscript there have been a number of developments in the 
area of Moss' logic that we would like to mention here. First of all, based on our one-step 
soundness and completeness results, Bergfeld gave a more direct version of our completeness 
proof in his MSc thesis [12] ; as a corollary he established a strong completeness theorem for 
Moss' logic (modulo some restrictions on the functor T). Second, Bflkova, Palmigiano & 
Venema generalized their earlier result on the power set nabla [13] to the general case of a 
standard, weak pullback preserving functor T: in [H] they provide a sound, complete, and 
cut-free proof system for (the finitary version of) Moss' coalgebraic logic. Systematically 
using Stone duality, Kurz & Leal [38] make a detailed comparison between Moss' approach 
towards coalgebraic logic, and the one based on associating standard modalities with pred- 
icate liftings; their main contribution is a new coalgebraic logic combining features of both 
approaches. Venema, Vickers & Vosmaer [56] study a variant of the derivation system M 
in the setting of geometric logic; their main contribution is to generalize Johnstone's power 
construction on locales, to a functor Vr, parametrically defined in a set functor T, on the 
category of locales. Finally, Bflkova, Velebil &: Venema [15] prove that on the (semantically 
defined) Lindenbaum-Tarski algebra of our logic, the nabla modality has the interesting 
order-theoretic property of being a so-called O-adjoint. 

Future research. We finish with mentioning some directions for future research. To start 
with, in this paper we have studied the nabla operator in the setting of the diagram (]1.5p . 
which is a particular instantiation of the general Stone duality diagram 



where Alg denotes a category of algebras representing the base logic, Sp is a category of 
spaces representing the semantics of the logic, T is the coalgebra functor representing all 




(9.1) 



s 
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one-step behaviours, and L represents the one-step version of the coalgebraic modal logic. 
Given the flexibility of the Stone duality approach we believe it to be of interest to consider 
more instances of the diagram (|9.ip where L is some version of our nabla logic. Of particular 
interest are the cases where for Alg we take the variety of distributive lattices, because this 
could clarify the role of the negation in our setting. 

Second, a clear drawback of the current nabla-based approach towards coalgebraic logic 
is the restriction to functors that preserve weak pullbacks. It would therefore be interesting 
to see whether this restriction can be removed. A first step in this direction has been 
made by Santocanale & Venema [H], who introduce a nabla-based version of monotone 
modal logic, a variant of basic modal logic that is naturally interpreted in coalgebras for the 
monotone neighborhood functor of Example 12.21 — a functor that does not preserve weak 
pullbacks. 

Finally, in the introduction we mentioned that the work of Janin & Walukiewicz |30] 
on automata theory and modal fixpoint logics is an independent source for the introduction 
of the cover modality Vp as a primitive modality. Since Vp also plays a fundamental 
role in Walukiewicz' completeness result for the modal /i-calculus [57] . this naturally raises 
the question whether we can extend our completeness result to the setting with fixpoint 
operators. 
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10. Appendix: overview of notation 

Since this paper features a multitude of categories, functors and natural transformations, 
for the reader's convenience we list these in the tables below. 
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Categories 


BA 


section 12.11 


Boole 


Definition [32] 


Pres 


Definition [48] 


Set, Rel 


section 12.11 


Booley 


Definition 15.61 



Natural Transformations 
Base^ -.T^^ Puj Definition [2l2] 
)f -.TP ^ PT Definition KV2\ 
p: CqU Definition YTm 

5:M¥^¥T Definition YT7M 



Functors 


B : Pres BA 


Definition [451 [491 


(7 : BA ^ Pres 


Definition [49] 


F : Set ^ Boole 


page [23] 


Id, B^, : Set — )■ Set 


Example [221 


Am : Set Set 


Definition 15.61 


M : Pres Pres 


Definition [7J] 


M : BA ^ BA 


Definition [7. 13[ 


Co : Set Set 


Definition [34]&: (liTD 


Ci : Set Boole/Set 


Definition 15.81 


P, P^ : Set Set 


section 12.11 


P : Set ^ SeX.°P 


section 12.11 


P : Set ^ BA°f 


Definition [33] 


: Set Set 


pageim 


: Set ^ Set 


Definition [531 


U : Boole Set 


page [23] 


y :AlgBA(M)^AIgset(^Af) 


Definition [7^ 
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